Defeating Ransomware-as-a-Service? Think Intel-Sharing

The Colonial Pipeline ransomware attack put a glaring spotlight on the ransomware scourge – and, in particular, on the rise of ransomware-as-a-service RaaS. That attack was perpetrated by DarkSide, a RaaS platform that purportedly first surfaced last August. While the group now claims they’re don...

McAfee Labs Advanced Threat Research Aids Arrest of Suspected Cybercrime Gang Linked to Top Malware CTB Locker

ARCHIVED STORY McAfee Labs Advanced Threat Research Aids Arrest of Suspected Cybercrime Gang Linked to Top Malware CTB Locker By Trellix · December 20, 2017 In our recent research, we interviewed the actors behind ransomware campaigns. One of the interesting findings was cybercriminals seemed to...

Ransomware Roundup: Attacking Shadow Copies Featuring Cryptowall

Ransomware is innovating to spread faster, hit harder and increase its payout potential. New unknown variants pop up daily, and many leverage non-malware techniques to evade traditional defenses. Cryptowall is a perfect example of how modern ransomware is evolving, using new techniques to disable...

ALERT: This New Ransomware Steals Passwords Before Encrypting Files

You should be very careful while visiting websites on the Internet because you could be hit by a new upgrade to the World's worst Exploit Kit – Angler, which lets hackers develop and conduct their own drive-by attacks on visitors' computers with relative ease. Many poorly-secured websites are...

Angler Exploit Kit Spreading Cryptowall 4.0

As expected, it didn’t take long for one of the most popular exploit kits, Angler, to start spreading the latest iteration of Cryptowall ransomware. A drive-by campaign that uses a one-two punch to drop Cryptowall 4.0 has been observed in the wild this week, according to researchers at Heimdal...

Hackers are using Nuclear Exploit Kit to Spread Cryptowall 4.0 Ransomware

Beware Internet Users! Cryptowall 4.0 – the newest version of the world's worst Ransomware – has surfaced in the Nuclear exploit kit, one of the most potent exploit kits available in the underground market for hacking into computers. Ransomware threat has emerged as one of the biggest threats to...

Nuclear Exploit Kit Spreading Cryptowall 4.0 Ransomware

In short order, the newest version of Cryptowall has begun showing up in exploit kits. The SANS Internet Storm Center said on Tuesday that an attacker working off domains belonging to Chinese registrar BizCN has been moving the ransomware via the Nuclear Exploit Kit. SANS ISC handler and Rackspac...

Cryptowall 4.0 Encrypts File Names, Clears Restore Points

Cryptowall has gotten a minor, but important facelift that might make it more difficult for researchers to tear apart and for victims to recover their encrypted data without paying a ransom. Spotted two days ago, the latest update to the ransomware has begun not only encrypting data on victims’...

Free Ransomware Decryption Tool — CoinVault and Bitcryptor

Have you been infected with the insidious CoinVault or Bitcryptor ransomware? If so, there is some potentially good news for you. You may now recover your encrypted files for FREE! – Thanks to the efforts of Dutch police and antivirus maker Kaspersky Lab. Security researchers from Kaspersky Lab a...

FBI Suggests Ransomware Victims — 'Just Pay the Ransom Money'

Your Headache is not my Problem. If your computer gets hacked and infected with malware that holds your data for ransom, just pay off the criminals to see your valuable data again and do not expect the FBI to save them – it's what the FBI is advising concerning ransomware. Ransomware is a...

WordPress Hacks Behind Spike in Neutrino EK Traffic

Unsurprisingly, a rash of compromised WordPress websites is behind this week’s surge in Neutrino Exploit Kit traffic, researchers at Zscaler said. In a report published yesterday, Zscaler said it spotted attacks against sites running older versions of the content management system, 4.2 and earlie...

Cybercrime Group Switches from Angler Exploit Kit to Neutrino

A prominent cybercrime actor or group has been kicking the tires on the Neutrino Exploit Kit to move ransomware and other malware, the SANS Institute’s Internet Storm Center reported today. Neutrino is a tier below the prolific Angler Exploit Kit, which is frequently at the heart of new attacks,...

New Version of TeslaCrypt Changes Encryption Scheme

A new version of the nasty TeslaCrypt ransomware is making the rounds, and the creators have added several new features, including an improved encryption scheme and some details designed to mimic CryptoWall. TeslaCrypt is among the more recent variants of ransomware to emerge and the malware, whi...

Angler Exploit Kit Evasion Techniques Cryptowall 3.0

The Angler Exploit Kit is turning into a model for malware rapidly integrating new evasion techniques. Starting in early June, URL patterns used by the notorious exploit kit have been changing almost daily, coinciding with it pushing Cryptowall 3.0 ransomware. SANS Internet Storm Center handler...

Away from the Flash, away from the dangerous: from Flash 0day vulnerability disclosure to the integrated penetration tools package, only used 4-day-vulnerability warning-the black bar safety net

6 on 2 7 January, a penetration testing Toolkit Magnitude has been successfully Adobe Flash Player 0day vulnerability, and this time only in the Adobe release fix vulnerabilities patch after four days, kit software the author recently become the fastest to achieve the use of the Flash Player...

Magnitude Exploit Kit Adobe Flash Zero Day 0Day

The urgency to patch Adobe Flash Player installations ramped up over the weekend when exploits for a recently patched zero-day vulnerability were found in the Magnitude Exploit Kit. French researcher Kafeine said on Sunday that a sample he encountered was dropping two instances of Cryptowall...

FBI Says Cryptowall Cost Victims $18 Million Since 2014

In a little more than a year, consumers affected by the Cryptowall ransomware have reported to the FBI more than $18 million in losses related to infections from the malware. Cryptowall is among the group of ransomware families that encrypt the files on victims’ computers and then demands a ranso...

IC3 Issues Alert on CryptoWall Ransomware

The Internet Crime Complaint Center IC3 has issued an alert warning that U.S. individuals and businesses are still at risk of CryptoWall ransomware fraud. Scam operators use ransomware—a type of malicious software—to infect a device and restrict access until a ransom fee is paid­­. Individuals an...

Cryptowall 3.0 Infections Spike from Angler EK, Malicious Spam

Since the Angler Exploit Kit began in late May spreading Cryptowall 3.0 ransomware, traffic containing the malware has continued to grow, putting more potential victims in harm’s way. Today, the SANS Internet Storm Center reported that Cryptowall 3.0 infections are emanating from not only the...

Angler Exploit Kit Exploiting New Adobe Vulnerability, Dropping Cryptowall 3.0

While the Angler Exploit Kit may have already established itself as one of the more sophisticated kits on the underground market, it appears it’s still finding ways to evolve. Angler, this week, was spotted dropping the latest iteration of CryptoWall ransomware and leveraging yet another previous...