Nemty ransomware “LOVE_YOU” malspam campaign

Security Affairs

Security experts uncovered an ongoing campaign delivering Nemty Ransomware via emails disguised as messages from secret lovers. Researchers from Malwarebytes and X-Force IRIS have uncovered an ongoing spam campaign distributing the Nemty Ransomware via messages disguised as messages from secret lovers. Pierluigi Paganini.

Cyclops Ransomware group offers a multiplatform Info Stealer

Security Affairs

Researchers from security firm Uptycs reported that threat actors linked to the Cyclops ransomware are offering a Go-based information stealer. The Cyclops group has developed multi-platform ransomware that can infect Windows, Linux, and macOS systems. “The data is then exfiltrated to the attacker’s server,” reads the report.

New ransomware group Hive leaks Altus group sample files

Security Affairs

On June 14th, Altus Group, a commercial real estate software solutions firm, disclosed a security breach; now the Hive ransomware gang has leaked its files. Now, we have information that their data may have possibly been leaked by Hive – a new ransomware group. Files leaked online.

Borat RAT, a new RAT that performs ransomware and DDoS attacks

Security Affairs

Cyble researchers discovered a new remote access trojan (RAT) named Borat capable of conducting DDoS and ransomware attacks. Researchers from threat intelligence firm Cyble discovered a new RAT, named Borat, that enables operators to gain full access and remote control of an infected system. Pierluigi Paganini.

Hades ransomware gang targets big organizations in the US

Security Affairs

Experts identified Tor hidden services and clearnet URLs via various open-source reporting that could be associated with the activity of the Hades ransomware. Researchers from CrowdStrike speculate that the new variant is a successor to WastedLocker ransomware and linked the operations to Evil Corp operations. Pierluigi Paganini.

Nemty ransomware operators launch their data leak site

Security Affairs

The operators behind the Nemty ransomware set up a data leak site to publish the data of the victims who refuse to pay ransoms. Nemty ransomware first appeared on the threat landscape in August 2019; the name of the malware comes from the extension it adds to the encrypted file names. Pierluigi Paganini.

Bronze Starlight targets the Southeast Asian gambling sector

Security Affairs

Bronze Starlight is a nation-state group that was observed using ransomware as a means of distraction or misattribution. Then the loaders retrieve a second-stage payload stored in a password-protected ZIP archive from Alibaba buckets. The attackers used modified installers for chat applications to download .NET malware loaders.