15 Feb 2019

Increasing Involvement of Nation-states in Ransomware Attacks

New research by Recorded Future projects an increase of nation-state involvement in ransomware attacks. Researchers expect that ransomware attacks will be increasingly carried out by countries that are subject to harsh sanctions, such as North Korea, to generate revenue. Another possibility is the deployment of ransomware strains by state-backed hackers

Read More
08 Feb 2019

Ransomware Attack Via MSP Locks Customers Out of Systems

Earlier this week, an unidentified threat actor managed to launch a massive ransomware attack resulting in the encryption of between 1,500 to 2,000 endpoint devices belonging to users of a single US managed service provider (MSP). The MSP was subsequently urged to pay a ransom of $2.6 million to have the systems

Read More
30 Jan 2019

Theoretical Ransomware Attack Could Lead to Global Damages Says Report

A new report by Cambridge University, Nanyang Technological University, Lloyd’s, Aon, MSIG, and SCOR TransRe, describes the effects of a hypothetical global ransomware attack of unprecedented scale. According to the speculative cyber risk scenario, over 600,000 organizations around the globe would be impacted by a ransomware strain in less than 24 hours. The attack

Read More
24 Jan 2019

New Anatova Ransomware Supports Modules for Extra Functionality

Security researchers with McAfee have discovered a new ransomware strain dubbed Anatova. The ransomware was found disguised as a game in a peer-to-peer network. Anatova will encrypt files on infected computers and subsequently demand a ransom of around $700 in DASH cryptocurrency (10 coins). The campaign is targeting users around the globe,

Read More
21 Jan 2019

Fallout EK Retools for a Fresh New 2019 Look

The infamous Fallout exploit kit (EK), commonly used in malvertising campaigns, has received a major update and can now deliver GandCrab ransomware. After a brief lull in activity since the end of last year, researchers with Gigamon have spotted a new wave of activity involving the malicious toolbox. The EK

Read More
15 Jan 2019

Criminals wielding Ryuk ransomware specialize in targeting enterprises

Research by CrowdStrike and FireEye sheds light on the success and modus operandi of Grim Spider, the threat group behind Ryuk ransomware. Over the last six months, Grim Spider has only gone after enterprises, a strategy that seems to be paying off, since the threat actors have already earned about $3,7 million

Read More
14 Jan 2019

Del Rio City Hall Forced to Use Paper After Ransomware Attack

Last Thursday, The City Hall of Del Rio, Texas suffered a ransomware attack. The City’s M.I.S. (Management Information Services) Department responded to the attack by disconnecting the local network from the Internet and prohibiting staff from logging on to their computers, thereby forcing them to perform their duties using only pen and

Read More
11 Jan 2019

McAfee casts doubt on Ryuk ransomware connection to North Korea

Security researchers with McAfee have released a report in which they argue that the recent Ryuk ransomware attack on Tribune Publishing Co., which disrupted the distribution of various major US newspapers, was not carried out by North Korean hackers, as various media outlets have claimed. According to the report, the threat actors

Read More
09 Jan 2019

This old ransomware is using an unpleasant new trick to try and make you pay up

Researchers at cyber security firm Coveware have uncovered a new ransomware campaign in which threat actors try to manipulate victims into paying ransom to regain access to their files, by claiming the money will be donated to charity. The ransomware used in the campaign is CryptoMix, a relatively unknown file-encrypting

Read More
08 Jan 2019

GandCrab Operators Use Vidar Infostealer as a Forerunner

In a disturbing two-stage malvertising attack campaign that highlights the increasingly complex nature of cyber attacks, the threat actors behind the infamous GandCrab ransomware have added Vidar, an information-stealing Trojan to their arsenal. In the first stage of the attack, the Fallout Exploit Kit is used to distribute Vidar. After

Read More