Jump to content

Search the Community

Showing results for tags 'ransomware'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Site Related
    • News & Updates
    • Site / Forum Feedback
    • Member Introduction
  • News
    • General News
    • FileSharing News
    • Mobile News
    • Software News
    • Security & Privacy News
    • Technology News
  • Downloads
    • nsane.down
  • General Discussions & Support
    • Filesharing Chat
    • Security & Privacy Center
    • Software Chat
    • Mobile Mania
    • Technology Talk
    • Entertainment Exchange
    • Guides & Tutorials
  • Off-Topic Chat
    • The Chat Bar
    • Jokes & Funny Stuff
    • Polling Station


  • Drivers
  • Filesharing
    • BitTorrent
    • eDonkey & Direct Connect (DC)
    • NewsReaders (Usenet)
    • Other P2P Clients & Tools
  • Internet
    • Download Managers & FTP Clients
    • Messengers
    • Web Browsers
    • Other Internet Tools
  • Multimedia
    • Codecs & Converters
    • Image Viewers & Editors
    • Media Players
    • Other Multimedia Software
  • Security
    • Anti-Malware
    • Firewalls
    • Other Security Tools
  • System
    • Benchmarking & System Info
    • Customization
    • Defrag Tools
    • Disc & Registry Cleaners
    • Management Suites
    • Other System Tools
  • Other Apps
    • Burning & Imaging
    • Document Viewers & Editors
    • File Managers & Archivers
    • Miscellaneous Applications
  • Linux Distributions

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...

  1. Iranian Hackers Hit H&M Israel as Local Firms Fight New Wave of Cyberattacks At least four Israeli companies, one NGO may have been targeted by what experts say could be a new attack by the Iranian group that was behind previous hacks Employees watch electronic boards to monitor possible ransomware cyberattacks by hackers. IllustrationCredit: Yun Dong-jin,AP Israel is in the midst of a new wave of cyberattacks, some six months after over 80 Israel companies were targeted in a string of ransom attacks that experts said were ideologically and not financiall
  2. In The Ransomware Battle, Cybercriminals Have The Upper Hand Washington, D.C., Police Chief Robert Contee addresses reporters in January. The police department has acknowledged that its computer network has been breached by attackers seeking a ransom. Such attacks against local governments, hospitals and corporations have been rising sharply. Bill O'Leary/AP The NBA's Houston Rockets were hit by a ransomware attack earlier this month. Now it's the Washington, D.C., police department. The common thread is a ransomware group called Babuk, which was unknown and likely
  3. Discord Nitro gift codes now demanded as ransomware payments In a novel approach to ransom demands, a new ransomware calling itself 'NitroRansomware' encrypts victim's files and then demands a Discord Nitro gift code to decrypt files. While Discord is free, they offer a Nitro subscription add-on for $9.99 per month that provides additional perks, such as larger uploads, HD video streaming, enhanced emojis, and the ability to boost your favorite server, so its users enjoy extra functionality as well. When purchasing a Nitro subscription, users ca
  4. How the Kremlin provides a safe harbor for ransomware In the U.S. alone last year, ransomware struck more than a hundred federal, state and municipal agencies, upward of 500 hospitals and other health care centers. A Russian man identified as Alexander Vinnik, center, is escorted by police officers from the courthouse in Thessaloniki, Greece, on Sept. 29, 2017. Vinnik was convicted of laundering $160 million in criminal proceeds through a cryptocurrency exchange called BTC-e. A global epidemic of digital extortion known as ransomware is crippling local
  5. Cring Ransomware Used in Attacks on European Industrial Firms Attackers exploited a vulnerability in Fortigate VPN servers to gain access to target networks, researchers report. Researchers with Kaspersky say several companies in Europe's industrial sector were recent victims of attacks using Cring ransomware. Attackers exploited CVE-2018-13379, a vulnerability in Fortigate SSL VPN servers, to gain access to the victim's networks, researchers report. The unpatched servers were exposed to the Internet. This vulnerability was publicized in 2019 bu
  6. The ‘Phobos’ Ransomware Is Getting a Stealth-Boosting Upgrade Phobos has received some updates that are geared towards file-less payload delivery and execution. The actors behind the otherwise unsophisticated ransomware strain are more focused on cyber-espionage. In one case, they managed to roam in a company’s network for eight months while staying undetected. The latest variants of the “Phobos” ransomware may be especially hard to detect, as according to a technical report by researchers at Morphisec, the malware authors have incorporated
  7. FBI sends out private industry alert about Mamba ransomware The US Federal Bureau of Investigations has sent out this week a private industry notification to US organizations warning about attacks carried out by the Mamba ransomware gang, along with basic instructions about how organizations could recover from an attack if the intrusion was caught in its early stages. In their alert [PDF] on Tuesday, FBI officials said the ransomware “has been deployed against local governments, public transportation agencies, legal services, technology services, industrial, commercial,
  8. Microsoft Exchange servers now targeted by BlackKingdom ransomware Another ransomware operation known as 'BlackKingdom' is exploiting the Microsoft Exchange Server ProxyLogon vulnerabilities to encrypt servers. Over the weekend, security researcher Marcus Hutchins, aka MalwareTechBlog, tweeted that a threat actor was compromising Microsoft Exchange servers via the ProxyLogon vulnerabilities to deploy ransomware. Based on the logs from his honeypots. Hutchins states that the threat actor used the vulnerability to execute a PowerShell script that downloa
  9. High-availability server maker Stratus hit by ransomware Stratus Technologies has suffered a ransomware attack that required systems to be taken offline to prevent the attack's spread. Stratus Technologies is a well-known provider of high availability products, such as their ztC edge computing devices and the ftServer fault-tolerant server solution. Stratus products are commonly used by banks, telecommunication providers, emergency call centers, and healthcare that require fault-tolerant 99.999% (five nines) uptime. Yesterday, Stratus Technologi
  10. REvil ransomware has a new ‘Windows Safe Mode’ encryption mode The REvil ransomware operation has added a new ability to encrypt files in Windows Safe Mode, likely to evade detection by security software and for greater success when encrypting files. Windows Safe Mode is a special startup mode that allows users to run administrative and diagnostic tasks on the operating system. This mode only loads the bare minimum of software and drivers required for the operating system to work. Furthermore, any programs installed in Windows that are configur
  11. Hackers Steal Data From Israeli Car Financing Company K.L.S. Capital Reportedly Did Not Pay Ransom Cars on Israeli highway (Photo: Tel Aviv, Pixabay) Israeli car financing company K.L.S. Capital Ltd. says that on March 10, hackers stole customer information, ID photos, vehicle licenses, scans of checks and loan information from its servers. "Upon discovery of the break-in, the company immediately acted to close the break-in and the information leak was stopped," the company says in a statement. "At the same time, the company began investigating the breac
  12. Deep Instinct to offer $3 million ransomware warranty Guy Caspi, co-founder and CEO of Deep Instinct, said with the new announcement that the company is “offering a level of protection for our customers that goes beyond anything on the market today.” Deep Instinct announced Thursday that it would back its product with a performance guarantee that delivers false positivity rates of less than 1 percent, plus a ransomware warranty of up to $3 million per company for a single breach. Based on backing from reinsurance company the Munich Re Group, Deep Insti
  13. Data breach exposes information of more than 200,000 MultiCare staff, patients A data breach potentially exposed more than 200,000 patients, providers and staff at MultiCare via a tech vendor tied to Woodcreek Provider Services. DAMIAN DOVARGANES AP FILE, 2013 A medical practice management firm that provides support to MultiCare has alerted more than 200,000 patients, providers and staff of a ransomware attack of its tech vendor, potentially exposing personal information. The information was retrieved after an undisclosed ransom was paid, according to W
  14. New DEARCRY Ransomware is targeting Microsoft Exchange Servers Threat actors are now installing a new ransomware called 'DEARCRY' after hacking into Microsoft Exchange servers using the recently disclosed ProxyLogon vulnerabilities. Since Microsoft revealed earlier this month that threat actors were compromising Microsoft Exchange servers using new zero-day ProxyLogon vulnerabilities, a significant concern has been when threat actors would use it to deploy ransomware. Unfortunately, tonight our fears became a reality, and threat actors are using
  15. Darkside 2.0 Ransomware Promises Fastest Ever Encryption Speeds Threat intelligence experts are warning of a new version of the Darkside ransomware variant which its creators claim will feature faster encryption speeds, VoIP calling and virtual machine targeting. Israeli outfit Kela shared with Infosecurity information posted by the Russian-speaking group to dark web forums XSS and Exploit. They claim that the Windows version of Darkside 2.0 encrypts files faster than any other ransomware-as-a-service (RaaS) and is twice as speedy as the previous itera
  16. How the ‘HelloKitty’ Ransomware Manages to Succeed Even If It Lacks Sophistication “HelloKitty” is a ransomware strain that has achieved success without doing any of the “extras” of its counterparts. The particular strain is using strong encryption, specific targeting, and simplistic threat methods. Its authors haven’t even bothered to hide the termination of running processes, maybe because it’s not needed. In this day and age, almost all ransomware families and RaaS platforms rely on double-extortion techniques like leaking stolen data on
  17. Ryuk ransomware hits 700 Spanish government labor agency offices The systems of SEPE, the Spanish government agency for labor, were taken down following a ransomware attack that hit more than 700 agency offices across Spain. "Currently, work is being done with the objective of restoring priority services as soon as possible, among which is the portal of the State Public Employment Service and then gradually other services to citizens, companies, benefit and employment offices," an announcement on the agency's website reads. "The application deadlines for bene
  18. ‘Sarbloh’ Ransomware Targets Specific Political Entities in India There’s a highly-targeted yet unsophisticated ransomware campaign taking place in India right now. The actors are encrypting files down not for money but for the retraction of a law that passed a couple of months back. The distribution takes place via email, and the payload itself is fetched from AWS thanks to macro code. There’s a new ransomware strain on the Indian cyber-space, targeting entities linked to a very specific political agenda. Called Sarbloh, this new piece of m
  19. ‘Educational’ ransomware program may instead become a how-to guide for attackers Cybercriminals could adopt and modify the code included in a proof-of-concept ransomware program in order to launch their own attacks, warns Trend Micro. (Yvon Liu/CC BY-NC-SA 2.0) A developer published via GitHub a proof-of-concept (POC) ransomware program featuring strong compatibility with the post-exploitation tool Cobalt Strike, open-source coding, and extensionless encryption. The author claims the program, dubbed Povlsomware, is designed to be an educa
  20. Ransomware gang plans to call victim's business partners about attacks The REvil ransomware operation announced this week that they are using DDoS attacks and voice calls to journalists and victim's business partners to generate ransom payments. The REvil ransomware operation, also known as Sodinokibi, is a ransomware-as-a-service (RaaS) where the ransomware operators develop the malware and payment site, and affiliates (adverts) compromise corporate networks to deploy the ransomware. As part of this deal, the
  21. The Nefilim Ransomware Group Has Hit ‘Spirit Airlines’ American ultra-low-cost airline “Spirit Airlines” had a ransomware breach by the Nefilim group. Parts of the stolen data are leaked on the dark web, and they contain credit card and transaction details. The airline hasn’t acknowledged the security incident yet, and neither have they sent notices of a breach. The Florida-based low-cost airline “Spirit Airlines” has been hit by the Nefilim ransomware group, which is already publishing samples of the stolen data on their dark web portal. Th
  22. These two unusual versions of ransomware tell us a lot about how attacks are evolving Researchers detail two new types of ransomware - AlumniLocker and Humble. Both are new and have very different ways of doing things, demonstrating the diversity in a space attackers are keep to get involved in. Two newly discovered forms of ransomware with very different traits show just how diverse the world of ransomware has become as more cyber criminals attempt to join in with cyber extortion. Both forms of ransomware emerged in February and have been detailed by cybersecurity
  23. New ransomware only decrypts victims who join their Discord server A new ransomware called 'Hog' encrypts users' devices and only decrypts them if they join the developer's Discord server. This week, security researcher MalwareHunterTeam found an in-development decryptor for the Hog Ransomware that requires victims to join their Discord server to decrypt their files. BleepingComputer was later able to find the encryptor component [VirusTotal] for the ransomware, which, when executed, will check if a particular Discord server exists, and if it do
  24. RTM Cybergang Adds New Quoter Ransomware to Crime Spree The Russian-speaking RTM threat group is targeting organizations in an ongoing campaign that leverages a well-known banking trojan, brand new ransomware strain and extortion tactics. The Russian-speaking group behind the infamous RTM banking trojan is now packing a trifecta of threats as it turns up the heat – part of a massive new money-grab campaign. Beyond the banking malware it is known for, attackers have enlisted a recently-discovered ransomware family called Quoter as part of a
  25. Ransomware Attacks Soared 150% in 2020 Ransomware surged by 150% in 2020 with the average extortion amount doubling, according to a new report from Group-IB. The Singapore-based security firm analyzed over 500 attacks last year to compile its Ransomware Uncovered 2020-2021 report, which maps for the first time the most common tactics, techniques and procedures (TTPs) to the MITRE ATT&CK framework. The average ransom demand stood at $170,000 last year, but groups like Maze, DoppelPaymer, and RagnarLocker averaged between $1 million and $2 mil
  • Create New...