Ransomware
scytaleSECC Ransomware Encrypts Important Files
The scytaleSECC ransomware is a malicious software that encrypts files and changes their names by adding the ".scytaleSECC" extension. This malware demands payment in Bitcoin for the decryption of affected files. The... Read more
NEVADA Ransomware Targets Both Linux and Windows Computers
NEVADA is a type of ransomware that affects Windows and Linux operating systems and is coded in Rust. Upon infecting a system, it encrypts files, adds the ".NEVADA" extension to their names, and leaves behind a ransom... Read more
What is the GonaCry Ransomware Threat?
The GonaCry ransomware is a malicious program that encrypts files, alters the filenames, changes the background image, and leaves behind a ransom note. Our experts uncovered it while reviewing submissions to online... Read more
Script Ransomware is a New Chaos Ransomware Variant Designed to Encrypt Your Files
Our malware researchers recently discovered Script, a ransomware used by cybercriminals to hold a victim's data hostage. Script belongs to the Chaos ransomware family and encrypts files, adds the ".Script" extension... Read more
BitenC Ransomware is a New Mallox Clone
BitenC is a type of ransomware that encrypts data and demands payment for the decryption tools. After executing a sample of BitenC, it appended filenames with a ".bitenc" extension. The new variant is part of the... Read more
What is the MrWhite Ransomware?
We recently ran into a malicious program called MrWhite, which belongs to the VoidCrypt ransomware family. After launching it on our test system, we noticed that it encrypted files and changed their names by adding a... Read more
What is Mimic Ransomware?
Mimic is a type of ransomware that encrypts data and demands ransoms for decryption. It is believed to be based on the leaked CONTI ransomware builder, and has been observed targeting English and Russian speaking... Read more
Anonymous Ransomware Expands Chaos Family of Clones to Encrypt Data
While scanning online threat databases, we ran into a new form of ransomware that is called simply "Anonymous". This ransomware, which is built on the Chaos ransomware code, encrypts all files, attaches its extension... Read more
Erqw Ransomware is Yet Another Djvu Clone Designed to Encrypt Files for Hostage
Our researchers came across the Erqw ransomware while reviewing the latest submissions on VirusTotal. This particular malware encrypts files and adds the ".erqw" extension to their names. It also leaves a ransom note... Read more
What is the ZFX Ransomware?
ZFX is a type of malicious software known as ransomware, which encrypts files and modifies filenames. It appends a string of random characters, an email address (CryptedData@tfwno.gf), and the ".ZFX" extension to the... Read more
What is the Sickfile Ransomware?
Sickfile is a ransomware-type program that our researchers recently discovered. Upon execution, it encrypts files and appends them with a ".sickfile" extension. This means that a file titled "1.jpg" will appear as... Read more
What is the Sa58 Ransomware Threat?
Sa58 is the name of a new strain of malware that functions as a ransomware. This malware is designed to encrypt files, adding the ".sa58" extension to the filenames of encrypted files and creating a ransom note inside... Read more
Sunjn Ransomware - a New VoidCrypt Variant that Encrypts Files
Our team came across Sunjn, a malware belonging to the VoidCrypt ransomware family, while analyzing recent threat database submissions. Upon testing Sunjn on a test machine, we found that it encrypted files and... Read more
Honkai Ransomware is a New Paradise Clone Looking for Files On Your PC to Encrypt
During a review of new entries on threat databases, we stumbled upon the Honkai ransomware, which belongs to the Paradise ransomware family. Upon conducting a test run of the Honkai ransomware, it was found that the... Read more
Erop Ransomware is One More Djvu Variant That Targets Your Files for Encryption
The malware known as Erop has been identified as a member of the Djvu ransomware family. It works by encrypting the victim's files, adding the ".erop" extension, and creating a "_readme.txt" file that holds a ransom... Read more
Warning! Assm Ransomware is Another Djvu Clone
Our team discovered Assm, a ransomware belonging to the Djvu family, while examining malware samples submitted to online threat databases. This malicious software prevents victims from accessing their data by... Read more
Unknown Ransomware is a New Phobos Malware Family Member
We recently ran into a ransomware variant belonging to the Phobos family, dubbed Unknown. This malicious software encrypts files and changes their filenames, adding the victim's ID, an email address, and the... Read more
Marnet Ransomware is a New MedusaLocker Variant
Marnet is a ransomware variant that encrypts and then renames files, leaving behind a ransom note in the form of an HTML file. It belongs to the MedusaLocker family and modifies filenames by adding a number to the... Read more
