• Trend Micro
  • About TrendLabs Security Intelligence Blog
Search:
  • Home
  • Categories
    • Ransomware
    • Vulnerabilities
    • Exploits
    • Targeted Attacks
    • Deep Web
    • Mobile
    • Internet of Things
    • Malware
    • Bad Sites
    • Spam
    • Botnets
    • Social
    • Open source
Home   »   Ransomware

Ransomware as a Service Princess Evolution Looking for Affiliates
  • Posted on:August 9, 2018 at 6:01 am
  • Posted in:Bad Sites, Malware, Ransomware
  • Author:
    Joseph C Chen (Fraud Researcher)
0

We have been observing a malvertising campaign via Rig exploit kit delivering a cryptocurrency-mining malware and the GandCrab ransomware since July 25. On August 1, we found Rig’s traffic stream dropping a then-unknown ransomware. Delving into this seemingly new ransomware, we checked its ransom payment page in the Tor network and saw it was called Princess Evolution (detected by Trend Micro as RANSOM_PRINCESSLOCKER.B), and was actually a new version of the Princess Locker ransomware that emerged in 2016. Based on its recent advertisement in underground forums, it appears that its operators are peddling Princess Evolution as a ransomware as a service (RaaS) and are looking for affiliates.

Read More
Tags: Princess Evolutionransomwarerig exploit kit

Legitimate Application AnyDesk Bundled with New Ransomware Variant
  • Posted on:May 1, 2018 at 6:00 am
  • Posted in:Ransomware
  • Author:
    Trend Micro
0

We recently discovered a new ransomware (Detected as RANSOM_BLACKHEART.THDBCAH), which drops and executes the legitimate tool known as AnyDesk alongside its malicious payload.

Read More
Tags: AnyDeskBlackHeart. RansomwareTeamviewer

Digital Extortion: A Forward-looking View
  • Posted on:January 30, 2018 at 5:02 am
  • Posted in:Malware, Ransomware
  • Author:
    David Sancho (Senior Threat Researcher)
0

In 2017, we saw digital extortion increasingly become cybercriminals’ first and foremost money-making modus operandi. It’s mostly due to ransomware — cybercriminals’ currently most popular weapon of choice, helping them in extorting cash from users all over the world and in hitting big businesses and organizations.

By infecting business-critical systems through their shotgun-style ransomware attacks and thus crippling enterprise day-to-day operations, cybercriminals managed to force big companies to bend to their will. Digital extortion has become the most successful moneymaking venture for cybercriminals, and the most effective in terms of the scale of their victims. Big or small, everyone gets hit, and everyone has to pay.

Read More
Tags: Digital ExtortionErebusOnline BlackmailpetyaWannaCry

qkG Filecoder: Self-Replicating, Document-Encrypting Ransomware
  • Posted on:November 22, 2017 at 4:01 am
  • Posted in:Ransomware
  • Author:
    Trend Micro Cyber Safety Solutions Team
0

We encountered a few interesting samples of a file-encoding ransomware variant implemented entirely in VBA macros called qkG (detected by Trend Micro as RANSOM_CRYPTOQKG.A). It’s a classic macro malware infecting Microsoft Word’s Normal template (normal.dot template) upon which all new, blank Word documents are based.

Further scrutiny into qkG also shows it to be more of an experimental project or a proof of concept (PoC) rather than a malware actively used in the wild. This, however, doesn’t make qkG less of a threat.

Read More
Tags: macro malwareMicrosoft WordqkGransomware

Bad Rabbit Ransomware Spreads via Network, Hits Ukraine and Russia
  • Posted on:October 24, 2017 at 4:25 pm
  • Posted in:Malware, Ransomware
  • Author:
    Trend Micro
0

A ransomware campaign is currently ongoing, hitting Eastern European countries with what seems to be a variant of the Petya ransomware dubbed Bad Rabbit.

Read More
Tags: Bad Rabbit
Page 1 of 2412 › »

Security Predictions for 2018

  • Attackers are banking on network vulnerabilities and inherent weaknesses to facilitate massive malware attacks, IoT hacks, and operational disruptions. The ever-shifting threats and increasingly expanding attack surface will challenge users and enterprises to catch up with their security.
    Read our security predictions for 2018.

Business Process Compromise

  • Attackers are starting to invest in long-term operations that target specific processes enterprises rely on. They scout for vulnerable practices, susceptible systems and operational loopholes that they can leverage or abuse. To learn more, read our Security 101: Business Process Compromise.

Popular Posts

  • The Need for Managed Detection and Response: Persistent and Prevalent Threats in North America’s Security Landscape
  • New Underminer Exploit Kit Delivers Bootkit and Cryptocurrency-mining Malware with Encrypted TCP Tunnel
  • How Machine Learning Can Help Identify Web Defacement Campaigns
  • Malware Targeting Bitcoin ATMs Pops Up in the Underground
  • Ransomware as a Service Princess Evolution Looking for Affiliates

Stay Updated

  • Home and Home Office
  • |
  • For Business
  • |
  • Security Intelligence
  • |
  • About Trend Micro
  • Asia Pacific Region (APAC): Australia / New Zealand, 中国, 日本, 대한민국, 台灣
  • Latin America Region (LAR): Brasil, México
  • North America Region (NABU): United States, Canada
  • Europe, Middle East, & Africa Region (EMEA): France, Deutschland / Österreich / Schweiz, Italia, Россия, España, United Kingdom / Ireland
  • Privacy Statement
  • Legal Policies
  • Copyright © Trend Micro Incorporated. All rights reserved.