Tag: Ransomware

REvil Ransomware Evolution: New Tactics, Impressive Gains, and High-Profile Targets
REvil Ransomware Evolution: New Tactics, Impressive Gains, and High-Profile Targets

The REvil gang stands behind the avalanche of attacks targeting major companies across the US, Europe, Africa, and South America. In March 2021, ransomware operators claimed almost a dozen of intrusions that resulted in sensitive data compromise. The list of victims includes law firms, construction companies, international banks, and manufacturing vendors. As per news reports, […]

Read More
Zeoticus 2.0: Nasty Ransomware Strain Receives Major Upgrade
Zeoticus 2.0: Nasty Ransomware Strain Receives Major Upgrade

Starting from December 2020, a new version of Zeoticus ransomware has been actively targeting users in the wild. Zeoticus 2.0 comes with better performance and enhanced offline capabilities, posing a bigger threat to businesses worldwide.  What is Zeoticus Ransomware? Zeoticus is a relatively new malware sample that appeared in the cyber threat arena in December […]

Read More
Quasar RAT: Detecting Malicious Successors
Quasar RAT: Detecting Malicious Successors

Quasar remote administration tool (RAT) is a multi-functional and light-weight malware actively used by APT actors since 2014. Quasar’s code is publicly available as an open-source project, which makes the Trojan extremely popular among adversaries due to its broad customization options. As a result, a variety of samples exist inside the Quasar malware family. Many […]

Read More
Affiliates vs Hunters: Fighting the DarkSide
Affiliates vs Hunters: Fighting the DarkSide

Introduction On August 2020 a new type of malware, belonging to the Ransomware category, appeared in the cyber threat landscape. Threat actor responsible for its development called it “DarkSide” and, like others piece of malware of this type, is operated in Big Game Hunting (BGH) campaigns. Around more or less the same time, a DLS […]

Read More
Warzone RAT Malware Used by Confucius APT in Targeted Attacks
Warzone RAT Malware Used by Confucius APT in Targeted Attacks

Security researchers have spotted an ongoing Confucius APT campaign that leverages Warzone RAT malware to compromise its targets. The campaign is presumably aimed at the governmental sector of China and other South Asia countries. Warzone RAT Description Warzone remote access Trojan (RAT), a prolific successor of AveMaria stealer, first emerged in 2018 as a malware-as-a-service […]

Read More
DoppelPaymer Ransomware Detection
DoppelPaymer Ransomware Detection

DoppelPaymer ransomware is gaining momentum as a leading threat to critical infrastructure assets. According to the FBI warning released in December 2020, DoppelPaymer has targeted multiple organizations in healthcare, educational, governmental and other sectors. The attack routine is highly sophisticated and aggressive, allowing its operators to extort six- and seven-digit ransoms from their victims. Notably, […]

Read More
Mount Locker Ransomware
Mount Locker Ransomware

Companies worldwide are reported to have failed victims of the recent ransomware attack by Mount Locker. The new ongoing ransomware attack targets corporate networks and demands millions of dollars ransom payment is Bitcoins, and the hackers utter threats to reveal the encrypted data publicly if the victims refuse to pay ransom. Mount Locker ransomware activity […]

Read More
Detection Content: FTCode Ransomware
Detection Content: FTCode Ransomware

Today, we want to draw your attention to another ransomware targeting at Italian-speaking users. First spotted by the researchers back in 2013, FTCode is PowerShell based ransomware that is distributed via spam. In the recent attacks, the FTCode ransomware was delivered to the victim machines with an email containing an attachment pretending to be an […]

Read More
Production of ASCO Stymied by Ransomware
Production of ASCO Stymied by Ransomware

Delaware, USA – June 18, 2019 – One of the leaders of airplane parts manufacturing was informed to have shut down operations at its plants because of a large-scale ransomware attack. Asco Industries who is the leader in the design and manufacture of major functional components for Boeing and Airbus commercial passenger jets, Airbus A400M […]

Read More
Ransomware Targets Michigan Daily Graft
Ransomware Targets Michigan Daily Graft

Delaware, USA – April 8, 2019 – Another local infrastructure was hit by massive ransomware attack. Disruption of routine operations requiring a computer and inability to process payments is only the top of the iceberg of all the issues that Genesee County, Michigan faced trying to restore after the Packman ransomware attack, the abc12 informs. […]

Read More