Bleeping Computer

New version of the CryptoMix Ransomware Using the Wallet Extension

A new CryptoMix, or CryptFile2, variant was released that is now using the .[payment_email].ID[VICTIM_16_CHAR_ID].WALLET extension for encrypted files. This is very annoying as it makes it more ...
Bleeping Computer

Locky Ransomware Switches to the Asasin Extension via Broken Spam Campaigns

Today a new Locky Ransomware variant was released that now uses the .asasin extension for encrypted files. Personally, I thought the previous extension, ykcol, was more clever, while this one ...

Windows shortcut files targeted by ransomware gang Global Group

When Microsoft patched a vulnerability last summer that allowed threat actors to use Windows’ shortcut (.lnk) files in ...
ZDNet

GermanWiper ransomware hits Germany hard, destroys files, asks for ransom

For the past week, a new ransomware strain has been wreaking havoc across Germany. Named GermanWiper, this ransomware doesn't encrypt files but instead it rewrites their content with zeroes, ...
Dark Reading

Attacker Mistake Botches Cyborg Ransomware Campaign

These are the two subject lines of fraudulent emails disguised to appear as Windows Update notifications while containing malicious attachments to infect targets with Cyborg ransomware. While the ...
CSO Online

Windows shortcut weaponized in Phorpiex-linked ransomware campaign

Researchers revealed a Phorpiex-distributed phishing campaign using malicious LNK files to deploy Global Group ransomware ...
Digital Trends

Beware of new image files you didn’t download: They may launch ‘Locky’ ransomware

If you see a new image or graphic file on your computer that you don’t recall downloading, do not open it. The Locky ransomware program has moved on from MS Office Word to Facebook and LinkedIn ...