Ransomware News 2020 August -  Úvod  2020  2019  2018  0  1  2  3 


2020 -  January February March April May June July August September October November December


H  Ransomware  Jak útoèí  Klany  Techniky  Obrana  Popisky  Anti-Ramson Tool  Rescue plan  Anti-ransomware vaccine  RansomFree  Prevence  Video  Vývoj 

DATE

NAME

INFO

CATEGORY

SUBCATE

22.8.20

New SFile ransomware variant

GrujaRS found a new variant of the SFile Ransomware that appends the .morseop-7j9wrqr! extension.

RANSOM RANSOM

22.8.20

New Jigsaaw and Wannacry Xorist variants

Michael Gillespie discovered new Xortist variants that append either the .jigsaaw or .wannacry extensions.

RANSOM RANSOM

22.8.20

DarkSide: New targeted ransomware demands million dollar ransoms

A new ransomware operation named DarkSide began attacking organizations earlier this month with customized attacks that have already earned them million-dollar payouts.

RANSOM RANSOM

22.8.20

University of Utah hit by ransomware, pays $457K ransom

The University of Utah has paid a $457,000 ransomware to prevent threat actors from releasing files stolen during a ransomware attack.

RANSOM RANSOM

22.8.20

New TapPiF Ransomware

Xiaopao found the TapPiF Ransomware that appends the .ehre extension to encrypted files.

RANSOM RANSOM

22.8.20

New Dharma Ransomware variants

Xiaopao found new Dharma ransomware variants that append either the .Aim or .rec extension to encrypted files.

RANSOM RANSOM

22.8.20

New in-dev ransomware uses Slack hook

MalwareHunterTeam found a new in-development ransomware that utilizes a Slack hook to notify the developer of new victims.

RANSOM RANSOM

22.8.20

Ukraine arrests gang who ran 20 crypto-exchanges and laundered money for ransomware gangs

Law enforcement in Ukraine has announced today the arrest of a cybercrime gang who ran 20 cryptocurrency exchanges where they laundered more than $42 million in funds for criminal groups.

RANSOM RANSOM

22.8.20

New P4YME screen locker

Karsten Hahn found a new screen locker called P4YME that demands €75.

RANSOM RANSOM

22.8.20

World's largest cruise line operator Carnival hit by ransomware

Cruise line operator Carnival Corporation has disclosed that one of their brands suffered a ransomware attack over the past weekend.

RANSOM RANSOM

22.8.20

Business technology giant Konica Minolta hit by new ransomware

Business technology giant Konica Minolta was hit with a ransomware attack at the end of July that impacted services for almost a week, BleepingComputer has learned.

RANSOM RANSOM

16.8.20

New VARI STOP Ransomware variant

Michael Gillespie found a new STOP ransomware variant that appends the .vari extension to encrypted files.

RANSOM RANSOM

16.8.20

New Coronaviruses RaaS being sold

3xp0rt has found a threat actor selling a Coronaviruses Ransomas-as-a-Service for $5,000.

RANSOM RANSOM

16.8.20

New BACK Dharma Ransomware variant

Jakub Kroustek found a new variant of the Dharma Ransomware that appends the .Back extension.

RANSOM RANSOM

16.8.20

New HiddenTear variant

Karsten Hahn found a new HiddenTear variant that appends the .id-[].LOCKED extension and drops a ransom note named HOW TO RECOVER YOUR FILES !!!.txt.

RANSOM RANSOM

16.8.20

Over 25% of all UK universities were attacked by ransomware

A third of the universities in the United Kingdom responding to a freedom of information (FOI) request admitted to being a victim of a ransomware attack. These represent more than 25% of the universities and colleges in the country.

RANSOM RANSOM

16.8.20

Canon USA's stolen files leaked by Maze ransomware gang

A ransomware gang has published unencrypted files allegedly stolen from Canon during a ransomware attack earlier this month.

RANSOM RANSOM

16.8.20

New RansomBlox Ransomware

Xiaopao found a new ransomware called RansomBlox.

RANSOM RANSOM

16.8.20

Dharma ransomware created a hacking toolkit to make cybercrime easy

The Dharma Ransomware-as-a-Service (RaaS) operation makes it easy for a wannabe cyber-criminal to get into the ransomware business by offering a toolkit that does almost everything for them.

RANSOM RANSOM

16.8.20

Colorado city forced to pay $45,000 ransom to decrypt files

A city in Colorado, USA, has been forced to pay $45,000 after the City's devices were encrypted in July, and they were unable to restore necessary files from backup.

RANSOM RANSOM

16.8.20

New Matrix Ransomware variant

Michael Gillespie found a new Matrix ransomware variant that appends the .AB89 to encrypted files and drops a ransom note named AB89_INFO.rtf.

RANSOM RANSOM

16.8.20

New XATI Dharma Ransomware variant

Michael Gillespie found a new Dharma ransomware variant that appends the .xati extension to encrypted files.

RANSOM RANSOM

16.8.20

New BigLock Ransomware variant

Michael Gillespie found a new BigLock ransomware variant that appends the .pandemic extension to encrypted files and drops a ransom note named PROTECT.txt.

RANSOM RANSOM

16.8.20

New OOON STOP Ransomware variant

Michael Gillespie found a new STOP ransomware variant that appends the .oonn extension to encrypted files.

RANSOM RANSOM

16.8.20

Avaddon ransomware launches data leak site to extort victims

Avaddon ransomware is the latest cybercrime operation to launch a data leak site that will be used to publish the stolen data of victims who do not pay a ransom demand.

RANSOM RANSOM

16.8.20

New GET Dharma Ransomware variant

Jakub Kroustek found a new variant of the Dharma Ransomware that appends the .get extension.

RANSOM RANSOM

8.8.20

CheckMail7 decryptor released

Emsisoft has released a decryptor for the CheckMail7 Ransomware.

RANSOM RANSOM

8.8.20

New Zes Xorist Ransomware variant

Michael Gillespie found a new Xorist ransomware variant that appends the .zes extension to encrypted files.

RANSOM RANSOM

8.8.20

Canon confirms ransomware attack in internal memo

Canon has suffered a ransomware attack that impacts numerous services, including Canon's email, Microsoft Teams, USA website, and other internal applications. In an internal alert sent to employees, Canon has disclosed the ransomware attack and working to address the issue.

RANSOM RANSOM

8.8.20

Sample of PhantomChina found

Xiaopao found a sample of the PhantomChina ransomware that appends the .phantom extension and drops a ransom note named !How_To_Decrypt_My_File_????????.hta.

RANSOM RANSOM

8.8.20

New WEEK Dharma ransomware variant

Xiaopao found a new Dharma ransomware variant that appends the .WEEK extension to encrypted files.

RANSOM RANSOM

8.8.20

The realities of ransomware: Why it’s not just a passing fad

Here we are seven years later scratching our heads, still thinking about what to do to defend ourselves against ransomware. You would think in seven years we ought to have gotten better at deterring attackers from this type online crime.But, like almost everything in information security, ransomware is a complicated, and an attack that has only grown more complex, particularly in the last 10 months.

RANSOM RANSOM

8.8.20

The realities of ransomware: The evasion arms race

Behavioral shifts changed the ransomware landscape as criminals challenge defenses

RANSOM RANSOM

8.8.20

The realities of ransomware: Five signs you’re about to be attack

A manager on the Managed Threat Response team explains what to expect when you’re expecting a ransomware attack

RANSOM RANSOM

8.8.20

The realities of ransomware: Extortion goes social in 2020

Sophos’ senior security advisor on the growing threat of ransomware that threatens to publish companies’ private data

RANSOM RANSOM

8.8.20

The realities of ransomware: A victim’s-eye view of an attack

The Managed Threat Response manager offers a unique perspective on the realities of being the target of ransomware

RANSOM RANSOM

8.8.20

Interpol: Lockbit ransomware attacks affecting American SMBs

American medium-sized companies are actively targeted by LockBit ransomware operators according to an Interpol report on the impact the COVID-19 pandemic had on cybercrime around the world.

RANSOM RANSOM

8.8.20

WastedLocker ransomware abuses Windows feature to evade detection

The WastedLocker ransomware is abusing a Windows memory management feature to evade detection by security software.

RANSOM RANSOM

8.8.20

New Homer Dharma Ransomware variant

Marcelo Rivero found a new Dharma ransomware variant that appends the .homer extension and drops ransom notes named FILES ENCRYPTED.txt and Info.hta.

RANSOM RANSOM

8.8.20

Garmin 'paid multi-million dollar ransom to criminals using Arete IR', say sources

Smartwatch maker Garmin paid a multi-million dollar ransom to criminals who encrypted its computer files through a ransomware negotiation business called Arete IR, sources have told Sky News.

RANSOM RANSOM

8.8.20

Netwalker ransomware earned $25 million in just five months

The Netwalker ransomware operation has generated a total of $25 million in ransom payments since March 1st according to a new report by McAfee.

RANSOM RANSOM

8.8.20

New FlyStudio ransomware variant

Jirehlov found #Ransomware #Flystudio #China https://app.any.run/tasks/3d4fc8d4-2a2e-404b-a693-5a1680d456b8/… .itunes itunes-DECRYPT----1596322702829.txt sample note: https://pastebin.com/z3eW5Y1N

RANSOM RANSOM

8.8.20

Ransom Demands Rise With Market Share Split Between Big Game Hunters and Amateur RaaS Affiliates

The Coveware Quarterly Ransomware Report describes ransomware incident response trends during Q2 of 2020. Ransomware attacks against enterprises forked in Q2 between big game attacks and an increase in new RaaS variants targeting small businesses. Victim demographics and resolution metrics are aggregated to present ransomware incident response statistics driven by actual case events.

RANSOM RANSOM

8.8.20

New Nefilim ransomware variant

d2hvYW1p found a new Nefilim Ransomware variant that appends the .NEF1LIM extension to encrypted files.

RANSOM RANSOM

8.8.20

New WannaCash 2.0 Ransomware variant

Alex Svirid found a new variant of the WannaCash Ransomware that changes an encrypted file's name to [number] ???? ??????????. ????. [ ????? mylifeisfear@cock.li ] .WANNACASH.

RANSOM RANSOM

8.8.20

New ZaCaPa STOP Ransomware variant

Michael Gillespie found a new Xorist ransomware variant that appends the .ZaCaPa extension to encrypted files.

RANSOM RANSOM

8.8.20

New Nile STOP Ransomware variant

Michael Gillespie found a new STOP ransomware variant that appends the .nile extension to encrypted files.

RANSOM RANSOM

8.8.20

Confirmed: Garmin received decryptor for WastedLocker ransomware

BleepingComputer can confirm that Garmin has received the decryption key to recover their files encrypted in the WastedLocker Ransomware attack.

RANSOM RANSOM

4.8.20

Emsisoft released an updated decryptor for RedRum

Emsisoft released an updated decryptor the RedRum Ransomware that now decrypts the .thanos variant.

RANSOM RANSOM

4.8.20

GandCrab ransomware operator arrested in Belarus

An affiliate of the GandCrab ransomware-as-a-business (RaaS) has been arrested, according to some Russian news sources. Authorities in Russia were able to identify the individual in cooperation with law enforcement in Romania and the U.K.

RANSOM RANSOM

4.8.20

New Xorist Ransomware variant

Michael Gillespie found a new variant of Xorist Ransomware that appends the .GlUtEzOn.VaNoLe extension to encrypted files.

RANSOM RANSOM

4.8.20

Canadian MSP discloses data breach, failed ransomware attack

Managed service provider Pivot Technology Solutions has disclosed that it was the victim of a ransomware attack that resulted in sensitive information being accessed by the hackers.

RANSOM RANSOM

4.8.20

New ransomware discovered

xiaopao discovered a new ransomware that does not append an extension but drops a ransom note named RANSOM_NOTE.txt.

RANSOM RANSOM

4.8.20

New Matrix Ransomware variant

Michael Gillespie found a new variant of Matrix Ransomware that appends the .MH24 extension and drops a ransom note named MH24_README.rtf.

RANSOM RANSOM

4.8.20

New Dharma Ransomware variant

Marcelo Rivero found a new variant of the Dharma Ransomware that appends the .mnbzr extension to encrypted files.

RANSOM RANSOM

4.8.20

New MedusaLocker Ransomware variant

Toffee found a new MedusaLocker Ransomware variant that appends the .deadfiles extension to encrypted files.

RANSOM RANSOM

4.8.20

New ElmerGlue_3 Ransomware

xiaopao discovered a new ransomware called ElmersGlue_3 (not kidding).

RANSOM RANSOM

4.8.20

New CryLock Ransomware variant

xiaopao discovered a new variant of the CryLock Ransomware that appends a random extension to encrypted files.

RANSOM RANSOM

4.8.20

FBI warns of Netwalker ransomware targeting US government and orgs

The FBI has issued a security alert about Netwalker ransomware operators targeting U.S. and foreign government organizations, advising their victims not to pay the ransom and reporting incidents to their local FBI field offices.

RANSOM RANSOM

4.8.20

New Dharma Ransomware variant

Marcelo Rivero found a new variant of the Dharma Ransomware that appends the .tcprx extension to encrypted files.

RANSOM RANSOM

4.8.20

New Matrix Ransomware variant

Michael Gillespie found a new variant of Matrix Ransomware that appends the .DECC extension to encrypted files.

RANSOM RANSOM

4.8.20

New Everbe ransomware variant

Toffee found a new Everbe ransomware variant that appends the .COCKROACH extension to encrypted files.

RANSOM RANSOM

4.8.20

Feature-rich Ensiko malware can encrypt, targets Windows, macOS, Linux

Threat researchers have found a new feature-rich malware that can encrypt files on any system running PHP, making it a high risk for Windows, macOS, and Linux web servers.

RANSOM RANSOM

4.8.20

North Korean hackers created VHD ransomware for enterprise attacks

North Korean-backed hackers tracked as the Lazarus Group have developed and are actively using VHD ransomware against enterprise targets according to a report published by Kaspersky researchers today.

RANSOM RANSOM

4.8.20

Business giant Dussmann Group's data leaked after ransomware attack

The Nefilim ransomware operation has begun to publish unencrypted files stolen from a Dussmann Group subsidiary during a recent attack.

RANSOM RANSOM

4.8.20

New KOOK STOP Ransomware variant

Michael Gillespie found a new variant of STOP Ransomware that is appending the .kook extension to encrypted files.

RANSOM RANSOM

4.8.20

Garmin confirms ransomware attack, services coming back online

Garmin has officially confirmed that they were victims of a ransomware attack as they slowly bring their Garmin Connect, Strava, and navigation services back online.

RANSOM RANSOM

4.8.20

No More Ransom turns 4: Saves $632 million in ransomware payments

The No More Ransom Project celebrates its fourth anniversary today after helping over 4.2 million visitors recover from a ransomware infection and saving an estimated $632 million in ransom payments.

RANSOM RANSOM