Ransomware
LockBit 4.0 Ransomware Resurfaces
LockBit 4.0 is a fresh iteration of the LockBit ransomware, unveiled in February 2024. Coincidentally, this release aligns with the arrest of two LockBit operators by law enforcement agencies during the same month.... Read more
Bl00dyAdmin Ransomware Threatens Data Leaks
Upon analyzing new malware samples, we identified a variant of ransomware referred to as Bl00dyAdmin. This malicious software encrypts data and alters the names of encrypted files by appending the ".CRYPT" extension.... Read more
US Posts New Bounty of $15 Million on the LockBit Ransomware Gang
The United States is offering substantial rewards for information regarding cybercriminals associated with the recently dismantled LockBit ransomware operation, but law enforcement agencies assert they have already... Read more
Dxen Ransomware Locks Most Files
Dxen has been identified as a form of ransomware. It belongs to the Phobos ransomware family, which typically encrypts files and demands payment for decryption. Upon testing Dxen on our system, it encrypted files and... Read more
ZENEX Ransomware Will Encrypt Victim Systems
During our examination of new malicious file samples, we identified ZENEX as ransomware associated with the Proton family. ZENEX is crafted to encrypt files, alter the filenames of encrypted files, display a ransom... Read more
2023lock Ransomware Threatens Data Leaks
2023lock operates as a type of ransomware malware with the primary purpose of encrypting data and demanding ransom payments for its decryption. During our testing on a virtual machine, 2023lock successfully encrypted... Read more
Ma1x0 Ransomware Encrypts Victim Systems
Ma1x0 is a ransomware variant. Key findings indicate its association with the Mallox family, as it appends the ".ma1x0" extension to filenames and includes a ransom note ("HOW TO RESTORE FILES.txt"). The manner in... Read more
Jkwerlo Ransomware Holds Your Files Hostage
Jkwerlo is categorized as ransomware, functioning with the intent to encrypt data and demand payment for decryption. When a Jkwerlo sample was executed, it initiated the encryption process on files. Unlike many... Read more
GoodMorning Ransomware is a Threat Despite Strange Name
During the examination of new malware samples, we identified a variant of the GlobeImposter ransomware family, named GoodMorning. Once infiltrating a system, GoodMorning commences the encryption of files and appends... Read more
TransCrypt Ransomware Locks Infected Drives
While examining the TransCrypt malware, we found that it is a form of ransomware derived from the Chaos ransomware. TransCrypt operates by encrypting files, appending random extensions to filenames, altering the... Read more
SWIFT Ransomware Locks Infected Systems
While analyzing new malware samples, we identified a ransomware variant associated with the Proton family, named SWIFT. Upon infiltrating a computer, SWIFT encrypts and alters the names of files, changes the desktop... Read more
BackMyData Ransomware is a Clone of the Infamous Phobos Ransomware
BackMyData is a type of ransomware associated with the Phobos family. Our findings reveal that BackMyData encrypts files and alters their names, introducing two ransom notes ("info.hta" and "info.txt"). The file... Read more
XznShirkiCry Ransomware Uses Bilingual Ransom Note
The ransomware known as XznShirkiCry came to our attention during our examination of malware samples. This malware encrypts data, modifies filenames by adding a specific extension, alters the desktop wallpaper, and... Read more
HomuWitch Ransomware Will Lock Your System
HomuWitch operates as a form of ransomware, encrypting data and demanding payment for decryption. HomuWitch would encrypt files by appending a ".homuencrypted" extension to their titles. For instance, a file... Read more
WantToCry Ransomware Encrypts Most File Types
WantToCry is a type of ransomware designed to encrypt data and modify filenames by adding the extension ".want_to_cry." Upon encryption, the ransomware presents victims with a ransom note named "!want_to_cry.txt,"... Read more
Lockbit Gang Dismantled in International Police Operation
Interpol and the British National Crime Agency (NCA) have successfully penetrated Lockbit's systems and exfiltrated its data. As a notable ransomware group believed to operate from Russia, Lockbit is a major player in... Read more
Lkfr Ransomware Will Encrypt Victim Files
Lkfr was identified during the examination of recent malware samples. It has been established that Lkfr is part of the Djvu ransomware family. This particular variant encrypts files and alters their filenames by... Read more
Z1n Ransomware Locks Victim Systems
During a routine examination of new files, our researchers identified the Z1n ransomware, which belongs to the Dharma ransomware family. This malicious software encrypts data and demands payment for the decryption... Read more
