With No More Ransom turning 4, Garmin suddenly recovering from their ransomware attack, and a GandCrab affiliate being arrested in Belarus, it has been quite a week when it comes to ransomware news.
The biggest story of the week is Garmin enabling services again and the rumors that it paid a $5 million ransom for the decryptor. Fast forward to the end of the week, and the next big news is the arrest of a GandCrab ransomware affiliate in Belarus.
We also had No More Ransom turning 4, an interesting report from Kaspersky tying the Lazarus hacking group to the VHD ransomware, and a warning from the FBI about the NetWalker ransomware.
The rest of the news is the release of new variants and some attacks that occurred this week.
Contributors and those who provided new ransomware information and stories this week include: @malwareforme, @BleepinComputer, @serghei, @FourOctets, @DanielGallagher, @malwrhunterteam, @Seifreed, @demonslay335, @fwosar, @VK_Intel, @struppigel, @LawrenceAbrams, @PolarToffee, @Ionut_Ilascu, @jorntvdw, @MarceloRivero, @kaspersky, @TrendMicroRSRCH, and @xiaopao80087499.
July 27th 2020
No More Ransom turns 4: Saves $632 million in ransomware payments
The No More Ransom Project celebrates its fourth anniversary today after helping over 4.2 million visitors recover from a ransomware infection and saving an estimated $632 million in ransom payments.
Garmin confirms ransomware attack, services coming back online
Garmin has officially confirmed that they were victims of a ransomware attack as they slowly bring their Garmin Connect, Strava, and navigation services back online.
New KOOK STOP Ransomware variant
Michael Gillespie found a new variant of STOP Ransomware that is appending the .kook extension to encrypted files.
July 28th 2020
Business giant Dussmann Group's data leaked after ransomware attack
The Nefilim ransomware operation has begun to publish unencrypted files stolen from a Dussmann Group subsidiary during a recent attack.
North Korean hackers created VHD ransomware for enterprise attacks
North Korean-backed hackers tracked as the Lazarus Group have developed and are actively using VHD ransomware against enterprise targets according to a report published by Kaspersky researchers today.
Feature-rich Ensiko malware can encrypt, targets Windows, macOS, Linux
Threat researchers have found a new feature-rich malware that can encrypt files on any system running PHP, making it a high risk for Windows, macOS, and Linux web servers.
New Everbe ransomware variant
Toffee found a new Everbe ransomware variant that appends the .COCKROACH extension to encrypted files.
New Matrix Ransomware variant
Michael Gillespie found a new variant of Matrix Ransomware that appends the .DECC extension to encrypted files.
New Dharma Ransomware variant
Marcelo Rivero found a new variant of the Dharma Ransomware that appends the .tcprx extension to encrypted files.
July 29th 2020
FBI warns of Netwalker ransomware targeting US government and orgs
The FBI has issued a security alert about Netwalker ransomware operators targeting U.S. and foreign government organizations, advising their victims not to pay the ransom and to report incidents to their local FBI field offices.
New CryLock Ransomware variant
xiaopao discovered a new variant of the CryLock Ransomware that appends a random extension to encrypted files.
New ElmerGlue_3 Ransomware
xiaopao discovered a new ransomware called ElmersGlue_3 (not kidding).
New MedusaLocker Ransomware variant
Toffee found a new MedusaLocker Ransomware variant that appends the .deadfiles extension to encrypted files.
New Dharma Ransomware variant
Marcelo Rivero found a new variant of the Dharma Ransomware that appends the .mnbzr extension to encrypted files.
July 30th 2020
New Matrix Ransomware variant
Michael Gillespie found a new variant of Matrix Ransomware that appends the .MH24 extension and drops a ransom note named MH24_README.rtf.
New ransomware discovered
xiaopao discovered a new ransomware that does not append an extension but drops a ransom note named RANSOM_NOTE.txt.
July 31st 2020
Canadian MSP discloses data breach, failed ransomware attack
Managed service provider Pivot Technology Solutions has disclosed that it was the victim of a ransomware attack that resulted in sensitive information being accessed by the hackers.
New Xorist Ransomware variant
Michael Gillespie found a new variant of Xorist Ransomware that appends the .GlUtEzOn.VaNoLe extension to encrypted files.
GandCrab ransomware operator arrested in Belarus
An affiliate of the GandCrab ransomware-as-a-business (RaaS) has been arrested, according to some Russian news sources. Authorities in Russia were able to identify the individual in cooperation with law enforcement in Romania and the U.K.
Emsisoft released an updated decryptor for RedRum
Emsisoft released an updated decryptor for the RedRum Ransomware that now decrypts the .thanos variant.