Bleeping Computer

New version of the CryptoMix Ransomware Using the Wallet Extension

A new CryptoMix, or CryptFile2, variant was released that is now using the .[payment_email].ID[VICTIM_16_CHAR_ID].WALLET extension for encrypted files. This is very annoying as it makes it more ...
Bleeping Computer

Locky Ransomware Switches to the Asasin Extension via Broken Spam Campaigns

Today a new Locky Ransomware variant was released that now uses the .asasin extension for encrypted files. Personally, I thought the previous extension, ykcol, was more clever, while this one ...

New Research from Index Engines™ Shows Ransomware Continues Shift Towards Polymorphism, Shadow Encryption, and Wiper-Style Attacks

Index Engines, the leader in cyber resilience, today shared the latest ransomware trends from its CyberSense® Research Lab, which reveals threat actors continue to advance their approaches with more ...

Windows shortcut files targeted by ransomware gang Global Group

When Microsoft patched a vulnerability last summer that allowed threat actors to use Windows’ shortcut (.lnk) files in ...
ZDNet

GermanWiper ransomware hits Germany hard, destroys files, asks for ransom

For the past week, a new ransomware strain has been wreaking havoc across Germany. Named GermanWiper, this ransomware doesn't encrypt files but instead it rewrites their content with zeroes, ...
Dark Reading

Attacker Mistake Botches Cyborg Ransomware Campaign

These are the two subject lines of fraudulent emails disguised to appear as Windows Update notifications while containing malicious attachments to infect targets with Cyborg ransomware. While the ...
CSO Online

Windows shortcut weaponized in Phorpiex-linked ransomware campaign

Researchers revealed a Phorpiex-distributed phishing campaign using malicious LNK files to deploy Global Group ransomware designed to operate entirely offline.