Ransomware activity didn’t skyrocket last month, but there was definitely a substantial increase compared to September.

Perhaps the most serious wake-up call was the onset of BadRabbit, a Petya-like culprit going on a rampage in Eastern Europe. A likely successor of the Cerber ransomware dubbed Magniber started making the rounds via the Magnitude exploit kit. A Halloween-themed Trick-or-Treat blackmail malware demonstrated that cybercriminals follow the traditions too – in their own way, though.

Overall, 28 new strains emerged, 18 existing ones underwent updates, and only one free decryptor was released.

OCTOBER 3, 2017

BTCWare edition using a self-explanatory extension

A new variant of the BTCWare blackmail virus is discovered. It appends the .payday extension to hostage files and drops a ransom note named !! RETURN FILES !!.txt. Victims are instructed to contact the attackers via email for detailed decryption steps.

OCTOBER 5, 2017

Browser scam revolving around ransomware

Cybercriminals launch a tech support scam campaign where users bump into rogue browser alerts stating ‘Ransomware Detected’. The deceptive popups urge would-be victims to call a toll-free phone number for assistance. The self-proclaimed support agents then try to defraud the unsuspecting users by charging a fee to fix the purported security issue.

Samas ransomware updated

Researchers come across an uncatalogued Samas/SamSam ransomware version that marks encrypted data with the .loveransisgood string.

Ransomware attacks a U.S. city

All internal information systems of the City of Englewood, Colorado, are knocked offline due to a ransomware incursion. No details regarding the trouble-making strain are available at this point. Fortunately, no sensitive information belonging to employees or residents has been obtained via this infection.

Another crypto onslaught against a healthcare facility reported

According to a recent press release, the computer network of Arkansas Oral & Facial Surgery Center was affected by file-encrypting ransomware on ...