Tag: Decryption

Ztorg: from rooting to SMS

I've been monitoring Google Play Store for new Ztorg Trojans since September 2016, and have so far found several dozen new malicious apps.

All of them were rooting malware that used exploits to gain root rights on the infected device.
In May 2017, a new Ztorg variant appeared on the Google Play Store – only this time it wasn't a rooting malware but a Trojan-SMS.

If you haven’t already obliterated your Jaff-infected comp, there is an...

Lovely chaps at Kaspersky have developed decryption tool
Security researchers have developed a free decryption tool for victims of the Jaff ransomware, meaning they can regain access to files without paying crooks.…

Jaff ransomware demanding $4,000 to unlock your files? Now you can...

Kaspersky Lab has released a free decryption tool for Jaff ransomware after exploiting vulnerabilities in the malware's code.

Decryption Utility Unlocks Files Encrypted by Jaff Ransomware

Researchers have neutralized the latest strain of the Jaff ransomware, releasing a decryption tool for unlocking files.

Is “I forget” a valid defense when court orders demand a...

This week, a judge considers possible jail for alleged extortionists who pled the Fifth.

Dridex: A History of Evolution

In the several years that the Dridex family has existed, there have been numerous unsuccessful attempts to block the botnet's activity.

The ongoing evolution of the malware demonstrates that the cybercriminals are not about to bid farewell to their brainchild, which is providing them with a steady revenue stream.

Windows XP PCs infected by WCry can be decrypted without paying...

Decryption tool is of limited value, because XP was unaffected by last week's worm.

Ztorg: money for infecting your smartphone

This research started when we discovered an infected Pokémon GO guide in Google Play. We detected the malware as Trojan.AndroidOS.Ztorg.ad.

After some searching, I found some other similar infected apps that were being distributed from the Google Play Store.

After I started tracking these infected apps, two things struck me – how rapidly they became popular and the comments in the user review sections.

WannaCry ransomware used in widespread attacks all over the world

Earlier today, our products detected and successfully blocked a large number of ransomware attacks around the world.
In these attacks, data is encrypted with the extension “.WCRY” added to the filenames. Our analysis indicates the attack, dubbed “WannaCry”, is initiated through an SMBv2 remote code execution in Microsoft Windows.

XPan, I am your father

While we have previously written on the now infamous XPan ransomware family, some of its variants are still affecting users primarily located in Brazil.

This sample is what could be considered as the “father” of other XPan ransomware variants.

A considerable amount of indicators within the source code depict the early origins of this sample.

Tell Bart and other ransomware families to ‘Eat my shorts’ with...

Free tools for unlocking Bart, Merry X-Mas and other types of ransomware are released as part of the No More Ransom initiative.

Tell Bart and other ransomware families to ‘Eat my shorts’ with...

Free tools for unlocking Bart, Merry X-Mas, and other types of ransomware have been released as part of the No More Ransom initiative.