gandcrab
Mapping Out a Malware Distribution Network
More than a dozen US-based web servers were used to host 10 malware families, distributed through mass phishing campaigns. Malware families include Dridex, GandCrab, Neutrino, IcedID and others. Evidence suggests the existence ...
Chinese government falls victim to GandCrab 5.2 ransomware
Allegations that China is in the crosshairs of North Korean hackers have arisen after the discovery of ransomware-laden emails hitting the inboxes of government departments. The emails contain version 5.2 of the ...
GandCrab: Wishing You an Unhappy Birthday
A source of much misery, the GandCrab family of ransomware has had a very successful first year. But there’s plenty you can do about it. GandCrab debuted in late January 2018 and ...
Attackers Sending Out Fake CDC Flu Warnings to Distribute GandCrab
Digital attackers are sending out fake flu warnings that appear to come from the U.S. Center for Disease Control (CDC) in order to distribute GandCrab ransomware. An attack begins when a user ...
Various Membership Plans Offered by Jokeroo Ransomware-as-a-Service
The Jokeroo ransomware-as-a-service (RaaS) offers various membership plans through which would-be digital criminals can become affiliates. In his analysis of the ransomware-as-a-service, Bleeping Computer creator and owner Lawrence Abrams found that Jokeroo ...
North Korean Lazarus Group Starts Targeting Russian Organizations
In an unusual move, the Lazarus hacking group associated with the North Korean government has recently started targeting organizations from Russia. The group’s primary targets until now have been organizations from countries ...
Decryptor Now Available for Files Affected by GandCrab Ransomware v5.1
Researchers have released an updated decryptor that allows victims of GandCrab ransomware version 5.1 to recover their affected files for free. On 19 February, Bitdefender announced that they had developed the decryptor ...
New GandCrab v5.1 Decryptor Available Now
Today we’re happy to announce that our collaboration with the Romanian Police, Europol and other law enforcement agencies has yielded another new decryptor for all GandCrab ransomware versions released since October 2018 ...
Popular Torrents Uploader Caught Sharing ‘GandCrab’ Ransomware
Torrent sites are banning CracksNow, a popular source of torrent uploads, after discovering that the uploader of cracks and keygens was distributing ransomware. CracksNow was labeled as “trusted” before a number of ...
Super Mario Oddity
A few days ago, I was investigating a sample piece of malware where our static analysis flagged a spreadsheet as containing a Trojan but the behavioural trace showed very little happening. This ...