Police Dept Loses 10 Months of Work to Ransomware. Gets Infected a Second Time Secret Service agents are now investigating the point of entry for both infections, hoping to find clues and track down the hackers. The first ransomware infection took place on April 23, last month and encrypted ten months worth of work data related to active investigations. Officials said they didn’t pay the ransom and were able… Read More
SynAck targeted ransomware uses the Doppelgänging technique The Process Doppelgänging technique was first presented in December 2017 at the BlackHat conference. Since the presentation several threat actors have started using this sophisticated technique in an attempt to bypass modern security solutions. In April 2018, we spotted the first ransomware employing this bypass technique – SynAck ransomware. It should be noted that SynAck… Read More
School District Pays $10,000 Bitcoin Ransom To Hackers After Cyberattack And despite the nefarious nature of the school system’s lockdown, there is no criminal investigation into the matter because solving this crime is “impossible,” said Interim Leominster Police Chief Michael Goldman. Source: cbslocal… Read More
Spartacus ransomware: introduction to a strain of unsophisticated malware There is nothing impressive about them, in fact just the opposite. I would say they are boring at best. So why are we writing about one of them? The analysis of Spartacus can essentially be used as a base knowledge and reference for anyone analyzing variants of these basic .NET ransomware that they may come… Read More
New C# Ransomware Compiles itself at Runtime A new in-development ransomwarewas discovered that has an interesting characteristic. Instead of the distributed executable performing the ransomware functionality, the executablescompiles an embedded encrypted C# program at runtime and launches it directly into memory. Source: bleepingcomputer… Read More
Atlanta Spent $2.6M to Recover From $52,000 Ransomware Scare The City of Atlanta spent more than $2.6 million on emergency efforts to respond to a ransomware attack that destabilized municipal operations last month. Attackers, who infected the city’s systems with the pernicious SamSam malware, asked for a ransom of roughly $50,000 worth of bitcoin. (The exact value has fluctuated due to bitcoin’s volatility.) Atlanta… Read More
Microsoft Engineer Charged in Reveton Ransomware Case The accused is Raymond Uadiale, 41, a naturalized US citizen of Nigerian descent, who currently works for Microsoft in Seattle since 2014, according to his LinkedIn page. Source: bleepingcomputer… Read More
New Matrix Ransomware Variants Installed Via Hacked Remote Desktop Services Two new Matrix Ransomware variants were discovered this week by MalwareHunterTeamthat arebeing installed through hacked Remote Desktop services. While both of these variants encrypt your computer’s files, one is a bit more advanced with more debugging messages and the use of cipher to wipe free space. Source: bleepingcomputer… Read More
Boeing production plant infected with WannaCry ransomware According to areport from theSeattle Times, the dreaded WannaCry ransomware hit a Boeing production plant in Charleston, South Carolina on Wednesday. Source: securityaffairs… Read More
Tracking ransomware end-to-end You get two for the price of one with today’s paper! Firstly, it’s a fascinating insight into the ransomware business and how it operates, with data gathered over a period of two years. Secondly, since ransomware largely transacts using Bitcoin, the methods used by the research team to uncover and trace ransomware activity are also… Read More