Ransomware
Ert Ransomware Comes With Russian Ransom Note
Ert is a malicious software from the Xorist ransomware lineage, designed to encrypt data and demand payment for decryption. When we ran a sample of Ert on our testing environment, it encrypted files and appended a... Read more
Looy Ransomware Locks Most Files
Looy has been identified as a variant within the Djvu ransomware family. Looy operates by encrypting files and adjusting their filenames, adding the ".looy" extension. For example, it changes "1.jpg" to "1.jpg.looy",... Read more
Payuransom Ransomware Locks Files
Payuransom is a type of ransomware engineered to encrypt files, adding the ".payuransom" extension to their filenames, altering the desktop wallpaper of the victim, and generating a ransom note named... Read more
DoNex Ransomware Encrypts Victim Drives
While examining new file samples, we identified a ransomware variant known as DoNex. This ransomware is designed to encrypt data and appends a ransom note titled "Readme.[victim's_ID].txt" along with its extension... Read more
WoXoTo Ransomware Locks Victim Systems
While analyzing new malware samples, we came across a novel addition to the Xorist family known as WoXoTo. WoXoTo operates as ransomware, a malicious software designed to encrypt files. Additionally, WoXoTo generates... Read more
What is Wisz Ransomware?
Wisz Ransomware is a malicious software that encrypts files on the victim's system, appending the ".wisz" extension to their filenames. This article explores the characteristics of Wisz Ransomware, its modus operandi,... Read more
Hitobito Ransomware Locks Victim Systems
Hitobito functions as a ransomware program, encrypting files and demanding payment for their decryption. During testing, it was observed that Hitobito appended a ".hitobito" extension to the filenames of encrypted... Read more
Vook Ransomware Encrypts Drives
Vook is a variant within the Djvu ransomware lineage. Vook functions by encrypting files and altering their filenames, appending the ".vook" extension. For instance, it transforms "1.jpg" into "1.jpg.vook", "2.png"... Read more
Nood Ransomware is a Djvu Clone
While analyzing new malware samples, we discovered that Nood is a type of ransomware associated with the Djvu family. This malicious software encrypts files on the targeted system by appending the ".nood" extension to... Read more
Duralock Ransomware Ramps Up Ransom Within Three Days
Duralock is a type of ransomware that belongs to the MedusaLocker ransomware family. Duralock encrypts files and appends a ".duralock05" extension to their names. Consequently, an original file named "1.jpg" would... Read more
Zarik Locker Ransomware Holds Your Files Hostage
During the evaluation of file samples, our researchers came across the Zarik Locker ransomware. This type of malware encrypts data and demands ransom for decryption. Upon executing a sample of Zarik Locker on our test... Read more
What is Wiaw Ransomware?
Wiaw ransomware, a variant of the Djvu ransomware family, encrypts files on victims' devices and appends the ".wiaw" extension to their filenames. It operates by altering filenames such as "1.jpg" to "1.jpg.wiaw" and... Read more
FORCE Ransomware Will Hold Your Files Captive
Our team of researchers came across the FORCE ransomware variant while conducting a routine examination of new file samples. FORCE belongs to the Phobos ransomware lineage. During testing on our experimental system,... Read more
Kool Ransomware Encrypts Victim Data
While we were going over new malware samples, it came to our attention that Kool is a ransomware variant linked to the Djvu family. This malicious software encrypts files on the compromised system and adds the ".kool"... Read more
Genesis Ransomware is a MedusaLocker Clone
Our team has identified the Genesis ransomware, which belongs to the MedusaLocker ransomware family. This type of malicious software encrypts files and demands payment for their decryption. During our testing, the... Read more
Reload Ransomware is Based on Makop
In our analysis of the Reload malware, we determined that it belongs to the Makop family and functions as ransomware, primarily designed for file encryption. Apart from encrypting data, Reload also drops a ransom... Read more
What is Avira9 Ransomware?
Avira9 is a form of ransomware that encrypts files and demands payment for decryption. Despite its name, it's not affiliated with the Avira antivirus company. Encryption Process Files encrypted by Avira9 have a... Read more
What is Payuranson Ransomware?
Payuranson ransomware encrypts files on victims' computers, appending the ".payuranson" extension to filenames. Alongside file encryption, it generates a ransom note ("SkynetData.txt") available in Russian, English,... Read more
