Ransomware
GrafGrafel Ransomware Threatens Double Extortion
While examining new file samples, our research team uncovered the GrafGrafel malicious program, belonging to the Phobos ransomware family. This type of malware encrypts data and demands ransoms for decryption. Upon... Read more
Xro Ransomware Seems to Be a Wiper
Our analysts came across the Xro ransomware during the evaluation of recent malware submissions. This malicious software is a member of the Xorist ransomware family. Upon executing a sample of Xro on our testing... Read more
Intel Ransomware Threatens Double Extortion
During the examination of newly submitted file samples, our team came across the Intel ransomware, a malicious program affiliated with the Dharma ransomware family. This harmful software encrypts data and demands... Read more
LEAKDB Ransomware is a Phobos Clone
While examining new file samples, our research team identified another ransomware variant belonging to the Phobos family, named LEAKDB. Malware falling under this classification encrypts data and demands payment for... Read more
Jazi Ransomware Will Encrypt Your Files
Jazi, identified through analysis of new file samples, functions as ransomware once it infiltrates a system. Upon infiltration, it encrypts files, adds the ".jazi" extension to filenames, and leaves a ransom note... Read more
Blackoutware Ransomware Demands Payment Within Three Days
While examining recently discovered file submissions, our research team came across the Blackoutware ransomware, which is specifically designed to encrypt data and demand payment for decryption. On our experimental... Read more
Nbzi Ransomware Will Lock Victims' Files
After analyzing new malware samples, we discovered Nbzi - a type of ransomware associated with the Djvu family. Nbzi encrypts files on the victim's system and modifies their filenames by appending the ".nbzi"... Read more
RA World Ransomware Uses Lengthy Ransom Note
During a routine examination of new file submissions, our team uncovered the RA World ransomware. This type of malicious software functions by encrypting files, compelling victims to make payments for their... Read more
CACTUS Ransomware Abuses Vulnerabilities
A recent CACTUS ransomware campaign has been detected exploiting newly revealed vulnerabilities in Qlik Sense, a cloud analytics and business intelligence platform. Researchers from Arctic Wolf, including Stefan... Read more
RedProtection Ransomware Demands Payment in Bitcoin
RedProtection was identified by our researchers during their analysis of new file submissions. This form of malware falls under the ransomware category, with the primary intent of encrypting data and demanding payment... Read more
MuskOff Ransomware Belongs to Chaos Family
MuskOff, identified as a strain of ransomware during a routine examination of new malware submissions, is derived from the Chaos ransomware. This malicious software encrypts files, compelling users to make a payment... Read more
Gyew Ransomware is Based on Djvu Code
Our examination of recently discovered malware samples has uncovered the Gyew ransomware variant. Furthermore, it has been identified that Gyew is linked to the Djvu malware family. This particular ransomware variant... Read more
Nbwr Ransomware is a Djvu Clone
We have identified Nbwr as a type of ransomware associated with the Djvu family. Upon examination, it was found that Nbwr encrypts data, alters filenames by adding the ".nbwr" extension, and generates a text file... Read more
DoctorHelp Ransomware Based on MedusaLocker
Our team discovered DoctorHelp - a piece of malicious software classified as ransomware, belonging to the MedusaLocker family. The primary objective of DoctorHelp is to encrypt files. Furthermore, DoctorHelp generates... Read more
BlackLegion Ransomware Lists No Specific Ransom
BlackLegion is a form of ransomware that encrypts files, rendering them inaccessible to victims. Without decryption, encrypted files cannot be opened. Additionally, BlackLegion alters filenames by appending a string... Read more
Jawr Ransomware Locks Victim Systems
Jawr operates as ransomware upon infiltrating a system. Following successful infiltration, it encrypts files, appends the ".jawr" extension to filenames, and leaves behind a ransom note labeled "_readme.txt". An... Read more
Gycc Ransomware Will Lock Your Files
The Gycc ransomware, identified during the examination of new malicious file samples, has been linked to the Djvu malware family. This specific ransomware variant operates by encrypting files and appending the ".gycc"... Read more
Gyza Ransomware Locks Systems
The ransomware variant known as Gyza, identified through an analysis of new malware samples, is connected to the Djvu family. Gyza encrypts files, adds a specific extension, and delivers a ransom note named... Read more