With No More Ransom turning 4, Garmin suddenly recovering from their ransomware attack, and a GandCrab affiliate being arrested in Belarus, it has been quite a week when it comes to ransomware news.
The biggest story of the week is Garmin enabling services again and the rumors that it paid a $5 million ransom for the decryptor. Fast forward to the end of the week, and the next big news is the arrest of a GandCrab ransomware affiliate in Belarus.
We also had No More Ransom turning 4, an interesting report from Kaspersky tying the Lazarus hacking group to the VHD ransomware, and a warning from the FBI about the NetWalker ransomware.
The rest of the news is the release of new variants and a few attacks that occurred this week.
Contributors and those who provided new ransomware information and stories this week include: @malwareforme, @BleepinComputer, @serghei, @FourOctets, @DanielGallagher, @malwrhunterteam, @Seifreed, @demonslay335, @fwosar, @VK_Intel, @struppigel, @LawrenceAbrams, @PolarToffee, @Ionut_Ilascu, @jorntvdw, @MarceloRivero, @kaspersky, @TrendMicroRSRCH, and @xiaopao80087499.
July 27th 2020
No More Ransom turns 4: Saves $632 million in ransomware payments
The No More Ransom Project celebrates its fourth anniversary today after helping over 4.2 million visitors recover from a ransomware infection and saving an estimated $632 million in ransom payments.
Garmin confirms ransomware attack, services coming back online
Garmin has officially confirmed that they were victims of a ransomware attack as they slowly bring their Garmin Connect, Strava, and navigation services back online.
New KOOK STOP Ransomware variant
Michael Gillespie found a new variant of STOP Ransomware that is appending the .kook extension to encrypted files.
July 28th 2020
Business giant Dussmann Group's data leaked after ransomware attack
The Nefilim ransomware operation has begun to publish unencrypted files stolen from a Dussmann Group subsidiary during a recent attack.
North Korean hackers created VHD ransomware for enterprise attacks
North Korean-backed hackers tracked as the Lazarus Group have developed and are actively using VHD ransomware against enterprise targets, according to a report published by Kaspersky researchers today.
Feature-rich Ensiko malware can encrypt, targets Windows, macOS, Linux
Threat researchers have found a new feature-rich malware that can encrypt files on any system running PHP, making it a high risk for Windows, macOS, and Linux web servers.
New Everbe ransomware variant
Toffee found a new Everbe ransomware variant that appends the .COCKROACH extension to encrypted files.
New Matrix Ransomware variant
Michael Gillespie found a new variant of Matrix Ransomware that appends the .DECC extension to encrypted files.
New Dharma Ransomware variant
Marcelo Rivero found a new variant of the Dharma Ransomware that appends the .tcprx extension to encrypted files.
July 29th 2020
FBI warns of Netwalker ransomware targeting US government and orgs
The FBI has issued a security alert about Netwalker ransomware operators targeting U.S. and foreign government organizations, advising their victims not to pay the ransom and to report incidents to their local FBI field offices.
New CryLock Ransomware variant
xiaopao found a new variant of the CryLock Ransomware that appends a random extension to encrypted files.
New ElmerGlue_3 Ransomware
xiaopao found a new ransomware called ElmersGlue_3 (not kidding).
New MedusaLocker Ransomware variant
Toffee found a new MedusaLocker Ransomware variant that appends the .deadfiles extension to encrypted files.
New Dharma Ransomware variant
Marcelo Rivero found a new variant of the Dharma Ransomware that appends the .mnbzr extension to encrypted files.
July 30th 2020
New Matrix Ransomware variant
Michael Gillespie found a new variant of Matrix Ransomware that appends the .MH24 extension and drops a ransom note named MH24_README.rtf.
New ransomware found
xiaopao found a new ransomware that doesn't append an extension but drops a ransom note named RANSOM_NOTE.txt.
July 31st 2020
Canadian MSP discloses data breach, failed ransomware attack
Managed service provider Pivot Technology Solutions has disclosed that it was the victim of a ransomware attack that resulted in sensitive information being accessed by the hackers.
New Xorist Ransomware variant
Michael Gillespie found a new variant of Xorist Ransomware that appends the .GlUtEzOn.VaNoLe extension to encrypted files.
GandCrab ransomware operator arrested in Belarus
An affiliate of the GandCrab ransomware-as-a-service (RaaS) has been arrested, according to some Russian news sources. Authorities in Russia were able to identify the individual in cooperation with law enforcement in Romania and the U.K.
That's it for this week! Hope everyone has a nice weekend!