On January 9, 2024, Avast and Cisco Talos announced the release of a free decryptor for one of the Babuk ransomware variants – Tortilla. Analysts ensure that all the victims of the said threat actor can use the decryptor to get their files back. That is the second ransomware strain to get the decryptor in… Continue reading Tortilla (Babuk) Ransomware Decryptor Available
Results for "babuk"
Babuk Locker ransomware builder leaked into the network
The Babuk Locker ransomware builder has appeared in the public domain. With its help anyone can design its own ransomware, the well-known information security expert Kevin Beaumont said on Twitter. The malware is already uploaded to VirusTotal. The Record, which has already studied this leak, reports that the Babuk Locker builder can be used to… Continue reading Babuk Locker ransomware builder leaked into the network
Rorschach Ransomware Analysis
Recent research from the CheckPoint Research team revealed a new ransomware sample that can potentially beat all samples currently present on the market. They coined it Rorschach, and already say that its unique properties can make it dominant ransomware pretty quickly. We told about this malware in a recent news post, and now it’s time… Continue reading Rorschach Ransomware Analysis
Rorschach’s New Ransomware Is Named the Fastest to Date
Check Point analysts have discovered a new ransomware, Rorschach ransomware that has already been used to attack an unnamed American company. This malware is notable for its extremely high speed of file encryption and the fact that it is deployed using a signed component of commercial security software. Check Point calls this threat “one of… Continue reading Rorschach’s New Ransomware Is Named the Fastest to Date
ESXiArgs Ransomware Launches Massive Attacks on VMware ESXi Servers
Hosting providers and the French CERT warn that more than 3,200 VMware ESXi servers were compromised by the new ESXiArgs ransomware last weekend as part of a massive hacking campaign. Let me remind you that we also wrote that New RedAlert Ransomware Targets Windows and Linux VMware ESXi Servers, and also that Information Security Experts… Continue reading ESXiArgs Ransomware Launches Massive Attacks on VMware ESXi Servers
Huge Ransomware List by Gridinsoft Research – Part #1
Ransomware is rightfully considered one of the most dangerous types of malware. It attacks individuals and companies, creating a mess in their files and paralysing their work. And even being such a devastating malware, it manages to have its own favourites. Let’s have a look at the most notorious ransomware attacks that ever happened. What… Continue reading Huge Ransomware List by Gridinsoft Research – Part #1
Hack Group Bl00Dy Is Already Using Leaked LockBit Builder
Researchers have discovered that the young ransomware group Bl00Dy is already using in its attacks the LockBit builder, which leaked to the network last week. Let me remind you that the builder of the well-known encryptor LockBit was published in the public domain about a week ago. It is assumed that the LockBit 3.0 builder… Continue reading Hack Group Bl00Dy Is Already Using Leaked LockBit Builder
Emsisoft Released a Free Tool to Decrypt Data Corrupted by AstraLocker and Yashma
Emsisoft has released a free decryption tool for files affected by AstraLocker and Yashma ransomware attacks. Let me remind you that last week AstraLocker operators announced that the malware was ending its work and uploaded tools to VirusTotal to decrypt files affected by AstraLocker and Yashma attacks. The hackers said that they do not plan… Continue reading Emsisoft Released a Free Tool to Decrypt Data Corrupted by AstraLocker and Yashma
AstraLocker Ransomware Operators Publish File Decryption Tools
AstraLocker ransomware operators have announced that the malware is ending its work and have uploaded data decryption tools to VirusTotal. The hackers say that they do not plan to return to ransomware in the future, but intend to switch to cryptojacking. The Bleeping Computer reports that it has already studied the archive published by the… Continue reading AstraLocker Ransomware Operators Publish File Decryption Tools
Chinese Hackers Use Ransomware As a Cover for Espionage
Secureworks experts have found that Chinese hackers from two groups that specialize in espionage and theft of intellectual property from Japanese and Western companies use ransomware to hide their actions. Let me remind you that we also wrote that Chinese Hacker Group Revealed after a Decade of Undetected Espionage, and also that Chinese Hackers Attack… Continue reading Chinese Hackers Use Ransomware As a Cover for Espionage