Thanos Ransomware May Get Around Certain Security Systems

In 2019, a new strain of ransomware called Thanos burst onto the scene and has since been spreading quietly and seeing increased adoption by hackers around the world. The code has been traced to a Russian hacker going by the name Nosophorus, who has been offering the software as ‘Ransomware-as-a-Service’ on Russian-speaking forums on the Dark Web since February 2020. …

PonyFinal Is Another New Ransomware To Watch Out For

Microsoft recently issued a security advisory about a new strain of ransomware that’s been cropping up with increasing frequency in India, Iran and the US. Called PonyFinal, one of the things that differentiates this strain from the pack is that it’s deployed in what the company describes as human-operated ransomware attacks. Most of the ransomware attacks we see are bot …

Monetary Demands Are Skyrocketing For Ransomware Decryptions

Ransomware attacks have evolved quite a lot over the course of the past year, and have become one of the most visible threats organizations of all sizes face. That is according to recently published research conducted by Group-IB, which analyzed the rapidly changing threat landscape. Their findings should disturb every business owner. Here’s a quick overview: First and foremost, ransomware …

Hackers Are Demanding Extra Ransomware Payments From Victims

Hackers who use ransomware to conduct their attacks have a new trick up their sleeves. A ransomware family has begun employing the tactic of not only demanding payment to unlock infected systems, but also demanding an additional payment. They’re demanding an extra payment to keep them from publishing copies of the files they stole before encrypting everything. Hackers have been …

Ransomware Targets Company Working On A COVID-19 Vaccine

It’s common knowledge that hackers are highly opportunistic and certainly not above targeting children, the sick and the dying if there’s money to be made. Even so, attacking a drug company currently doing research to find a vaccine for COVID-19 has to be counted as a new low, even for hackers. Sadly, that exact scenario has happened. Recently, Hammersmith Medicines …

Coronavirus Health Notifications Being Used To Carry Malicious Threats

A Pakistan-based hacking group that goes by a variety of names, including “Transparent Tribe,” “APT36,” “Mythic Leopard” and others, has been discovered to be behind a particularly nasty attack recently. Researchers with QiAnXin’s RedDrip Team discovered a phishing campaign bearing the group’s stamp. This new campaign utilizes poisoned files that appear to be health advisories sent by the Indian government. …

Another Week Another New Ransomware To Be Concerned About

There’s a new strain of ransomware to put on your radar. This latest one was discovered by researchers working from SentinelLabs and it has been dubbed Nefilim. Based on the initial research, it seems to share significant portions of its code base with an older strain, Nemty 2.5. The two key differences between the two strains are as follows: Nefilim’s …

Paradise Ransomware Using Internet Query Files To Deliver Payload

The Paradise ransomware is like a bad penny; it just keeps turning up. The strain first appeared back in 2017, when it was spread far and wide via phishing emails. Then it seemed to fall out of favor for a while, and now, it’s back again. Even worse, it’s back with a new trick up its virtual sleeves. In its …

Hackers Are Capitalizing On Coronavirus

Cybercriminal activity is always evolving, and now hackers are banking on the novel coronavirus having potential victims distracted when clicking a link. Hackers are capitalizing on fears and the quest for information by creating malicious websites disguised as popular COVID-19 maps. When unsuspecting users click on the map, they are prompted to open an applet. This software infects the computer …

Emails Pretending To Be Secret Admirers Could Be Ransomware

Nemty Ransomware isn’t an especially well-known threat, but it’s dangerous and should not be discounted. Recently, researchers have discovered an ongoing spam-email-driven campaign that’s attempting to spread the ransomware far and wide. An unknown group of hackers is sending out what appear to be love letters from secret admirers in a broad pattern. They are probably simply using email …