Cerber ransomware has acquired the reputation of being one of the most rapidly evolving ransomware families to date. Just in May, we pointed out how it had gone through six separate versions with various differences in its routines. Several months later and it seems to have evolved again, this time adding cryptocurrency theft to its routines. This is on top of its normal ransomware routines, giving the attackers two ways to profit off of one infection.
Read More
Whenever a threat is “localized” to a specific region, it’s a sign that attackers believe there is money to be made. Ransomware has made millions of dollars around the world, and it looks like it’s poking its nose into a new part of the world: China. However, the initial foray into this market made several mistakes.
Read MoreAs if encrypting files and holding them hostage is not enough, cybercriminals who create and spread crypto-ransomware are now resorting to causing blue screen of death (BSOD) and putting their ransom notes at system startup—as in, even before the operating system loads. Imagine turning on your computer and instead of the usual Windows icon loading, you get a flashing red and white screen with a skull-and-crossbones instead.
Read MoreLast July we came across a crypto-ransomware variant known as Critroni or Curve-Tor-Bitcoin (CTB) Locker. We observed recent improvements to the CTB malware, which now offer a “free decryption” service, extended deadline to decrypt the files, and an option to change the language of the ransom message. These new variants also demand payment of 3 BTC…
Read MoreThe first half of this year has been quite eventful for the mobile threat landscape. Sure, we had an idea the state of affairs from 2013 would continue on to this year, but we didn’t know just to what extent. From ballooning mobile malware/high risk app numbers to vulnerabilities upon vulnerabilities, let’s recap just what…
Read More