GandCrab is a new group of hazardous ransomware that is making its rounds since the beginning of the year 2018. It is now dubbed as the most prolific ransomware virus of the year due to its several updates and revisions that shows how serious it is in attacking systems. On this section, we have emphasized the changes on each version including adjustment on its encryption technique and dissemination campaign. Read more »
CryptoMix MOLE66 is a new variant of ransomware which is also known as CrypMix. Similar to most ransomware, this new variant is using an RSA encryption algorithm, which requires a private key in order to decrypt affected files. However, attached _Help_Instructions_.Txt file did not state how much victim have to pay to obtain the key. Read more »
0000-SORRY-FOR-FILES ransom virus is dubbed by computer security experts as SamSam or Samas. It open attack computers with open connections of RDP (Remote Desktop Protocol). This virus breaks into the computer by brute forcing the RDP endpoints and lock target files on the computer. Read more »
Hackers Invasion is a malware that encrypts certain files on targeted computer. Once this virus is executed on the system, it immediately infects files and appends the extension with .Doxes. To site an example, encrypted document file will appear something like mydocument.docx.Doxes and Spreadsheet data will be mysheet.xlsx.Doxes. Read more »
Pendor Ransomware is a deadly malware that encrypts certain files on targeted computer. Once this virus is run on the system, it immediately infects files and appends the extension with its own. It may also include the attackers email address to remind user who to contact if they wish to recover files. Read more »
Ykcol Ransomware is another ransom virus that was made to generate profit by encrypting targeted files on the computer. It is identified as new version of Locky. The attacker is using a complex algorithm that requires a combination code to successfully recover affected files. Read more »
BrickR Ransomware is a deadly malware that encrypts certain files on targeted computer. Once this virus is executed on the system, it immediately infects files and appends the extension with .brickr. To site an example, encrypted document file will appear something like mydocument.docx.brickr and Spreadsheet data will be mysheet.xlsx.brickr. Read more »
Executioner (CELLAT) Ransomware is another ransom virus that was made to generate profit by encrypting targeted files on the computer. The attacker is using a complex algorithm that requires a combination code to successfully recover affected files. Read more »
CryptoGod Ransomware (also called PayForUnlock) is a deadly malware that encrypts certain files on targeted computer. Once this virus is run on the system, it immediately infects files and appends the extension with .payforunlock. This ransomware is based on the code of MoWare H.F.D. Attackers will demand 0.03 Bitcoins, which is equivalent to US $85. Allocated time for users to pay the ransom is only 12 hours. Otherwise, price will increase after the given period. Read more »
Restore Ransomware (also called R3store) is a deadly malware that encrypts certain files on targeted computer. It is very similar to HiddenTear ransomware. Once this virus is run on the system, it immediately infects files and appends the extension with .r3store. To site an example, a word file with filename Mydocument.docx will be converted to Mydocument.r3store when encrypted. Read more »