Several flavors of ransomware, most notably Cryptowall, have come packaged with support features. But a new piece of crypto-ransomware called PadCrypt has upped the game with a live chat feature that victims can use to interact with the attackers about ransom payments and other information.
PadCrypt is the first ransomware family to include the capability for real-time interaction with the attackers. The live chat, which requires access to the command and control server to work, is not the only unique feature to PadCrypt. It also comes with an uninstaller; the tool, however, does not decrypt any files that have been scrambled by the malware.
Over the last few years, we have seen several types of ransomware that demand a whopping amount of money from users for the retrieval of their locked, compromised sensitive files. We have also witnessed the birth of decryption solutions for some ransomware, such as Cryptolocker, Coinvault, Rescue Kit.
One more solution has recently been released for decrypting newly emerging ransomware, dubbed Hydracrypt and Umbrecrypt, which are propagated through the Angler Exploit Kit. Both belong to the CrypBoss ransomware family. The source code of CrypBoss ransomware was leaked last year on Pastebin.
TeslaCrypt, a ransomware family that emerged roughly a year ago, includes a design flaw that has already allowed security researchers to build a free file decryption tool. The issue affects TeslaCrypt and TeslaCrypt 2.0 variants of the malware and resides in the encryption key storage algorithm.
The issue has been fixed in TeslaCrypt 3.0, but files encrypted with the older versions of the ransomware can be decrypted without paying cybercriminals to do so. Spotted in late February 2015, the ransomware was found to encrypt not only photos, videos, and documents, but files associated with video games as well.
Cryptsy, a website used for trading Bitcoin, Litecoin, and other crypto-currencies, recently revealed that it had been robbed, claiming a $5.7 million theft and suspending trades and withdrawals.
The theft took place on July 29, 2014, but they decided to go public with the incident only now, after unsuccessfully trying to involve the FBI. The Cryptsy team said that recent problems users have been experiencing are related to this incident and not to recent phishing or DDoS attacks. The culprit was found to be the developer of Lucky7Coin, who placed an IRC backdoor into the code of the wallet; the malicious code acted as a Trojan, or command and control unit.
In the past few days, a new version of the TeslaCrypt ransomware was released, and security researchers have now detected a massive spam campaign distributing this new threat.
The first signs of something out of the ordinary were initially spotted on the Bleeping Computer forums, where users started complaining about being infected with ransomware. After further analysis by community members, the ransomware proved to be a new TeslaCrypt version that added minor changes to its code, but these were more than enough to prevent users from using the TeslaDecoder to decrypt their files.
Cryptowall 4.0 – the newest version of the world's worst ransomware – has surfaced in the Nuclear exploit kit, one of the most potent exploit kits available in the underground market for hacking into computers.
Ransomware has emerged as one of the biggest threats to internet users in recent times. Typically, ransomware encrypts all files on the victim’s computer with a strong cryptographic algorithm, then demands a ransom to be paid in Bitcoin. Cryptowall is currently among the most widespread and sophisticated families of ransomware, backed by a very robust back-end infrastructure.
BleepingComputer.com's editor Lawrence Abrams is reporting that a new version of the Cryptowall ransomware has been released, and has released details of why it's more of a threat than ever before.
Reporting on a new strain of Cryptowall, the ransomware trojan, BleepingComputer.com's editor Lawrence Abrams has reported on why the new version is more powerful than before and poses a security threat that at present has no resolution. Abrams became aware of the new Cryptowall variant when looking into cases where people reported they had been infected. He quickly determined that this was in fact a new version of CryptoWall.
Windows users who rely on TrueCrypt to encrypt their hard drives have a serious security problem: a researcher has discovered two critical flaws in the program.
TrueCrypt may have been abandoned by its original developers, but it remains one of the few encryption options for Windows. That keeps researchers interested in finding holes in the program and its spin-offs. A member of Google’s Project Zero team has recently discovered two vulnerabilities in the driver that TrueCrypt installs on Windows systems. The flaws could allow attackers to obtain elevated privileges on a system if they have access to a limited user account.
Cybercriminals are learning from each other. Take TeslaCrypt, for example. It is a relatively new family of ransomware; its samples were first detected in February 2015.
The notable feature of the early TeslaCrypt versions was that the malware targeted not only the usual sets of files, including documents, pictures and videos, but games-related file types as well. At that time, it was a rather weak malware due to a couple of technical flaws. Despite the fact that the malware creators scared their victims with the frightful RSA-2048 algorithm, in reality the encryption was not that strong.
Gamers come in all ages and from all walks of life; they may or may not have files they feel are irreplaceable enough to be tempted to pay a ransom to get those files decrypted. But what if it was your saved games and your Steam account that were encrypted and held for ransom?
That’s exactly what the crypto-ransomware is doing: in fact it targets over 50 file extensions related to video games including Steam, single and multiplayer games, and even game development software. Although the ransom window which announces “your personal files are encrypted” may look like CryptoLocker, don’t be fooled.