Articles about ransomware

UCL ransomware attack traced to malvertising campaign

Security researchers have suggested that the ransomware attack on University College London last week was spread through a "malvertising" campaign. Proofpoint reckons the AdGholas group spread the infection using malware-tainted online ads. This was a "zero-click required" campaign that could infect users who simply visited a …
John Leyden, 22 Jun 2017

Honda plant in Japan briefly stops making cars after fresh WannaCrypt outbreak

Honda said today that it had briefly halted operations at a car plant in Sayama, Japan earlier this week because of the infamous WannaCrypt ransomware. The Japanese car maker halted production for one day at a domestic vehicle plant on Monday after finding samples of the WannaCrypt ransomware in its computer network, Reuters …
John Leyden, 21 Jun 2017

South Korean hosting co. pays $1m ransom to end eight-day outage

A South Korean web hosting company is forking out just over US$1 million to ransomware scum after suffering more than eight days of nightmare. Nayana first announced the attack on June 10, saying customer video files and its database had been encrypted, and promising to work to recover the data. More than 150 servers were hit …

If you haven't already obliterated your Jaff-infected comp, there is an antidote available

Security researchers have developed a free decryption tool for victims of the Jaff ransomware, meaning they can regain access to files without paying crooks. The utility – developed by boffins at Kaspersky Lab – works on all variants released to date. Of course there is still the possibility that the criminals behind Jaff …
John Leyden, 15 Jun 2017

Don't touch that mail! London uni fears '0-day' used to cram network with ransomware

Updated University College London is tonight tackling a serious ransomware outbreak that has scrambled academics' files. It is feared the software nasty may be exploiting a zero-day vulnerability, or is a previously unseen strain of malware as antivirus defenses did not spot it in time, we're told. Eggheads at the UK uni are urged to …
Shaun Nichols, 14 Jun 2017

Mac ransomware author is giving away malicious code to script kiddies

Security researchers have discovered a ransomware variant that targets Macs rather than Windows PCs. Although technically inferior to most current ransomware targeting Windows, it still encrypts or prevents access to victim's files, thereby causing real damage, according to researchers at Fortinet. MacRansom uses symmetric …
John Leyden, 12 Jun 2017

Japanese cops arrest their first ransomware-slinging menace – er, a 14-year-old school boy

Japanese cops have, for the first time ever, arrested a ransomware maker – a teenage tearaway. The 14-year-old from Osaka Prefecture in western Japan was collared on June 5 after police tracked him down as the suspected creator of home-grown ransomware that was being spammed out on social media and hosted on an overseas …
Iain Thomson, 6 Jun 2017

Crapness of WannaCrypt coding offers hope for ransomware victims

Mistakes in the WannaCrypt ransomware worm might allow files to be restored after infection. A crack team of security researchers at Kaspersky Lab has discovered that WannaCrypt/WannaCry, which infected hundreds of thousands of victims at the beginning of May, contains several coding errors. Most of the whoopsies make it …
John Leyden, 1 Jun 2017

Acronis adds automated ransomware protection to latest Backup version

In a well-timed release Acronis has announced its Backup 12.5 product with automated ransomware protection and data integrity checking via blockchain. Acronis Backup 12.5 comes in two editions – Standard and Advanced – with an easy in-place upgrade by changing licence keys. We might think of the Standard edition for smaller …
Chris Mellor, 31 May 2017

Ransomware realities: In your normal life, strangers don't extort you. But here you are

As "trendy" as ransomware is at the moment, it's a sobering thought when you remind yourself that in this case you're literally having to deal with some miscreant holding your data to ransom. In practical terms, when your systems become infected, the malware encodes your files using a strong encryption algorithm, and leaves …
Dave Cartwright, 30 May 2017

WannaCrypt ransomware note likely written by Google Translate-using Chinese speakers

The WannaCrypt extortion notes were most likely written by Chinese-speaking authors, according to linguistic analysis. WannaCry samples analysed by security outfit Flashpoint contained language configuration files with translated ransom messages for 28 languages. All but three of these messages were put together using Google …
John Leyden, 26 May 2017

NHS Digital stopped short of advising against paying off WannaCrypt

NHS Digital stopped short of advising health organisations in England not to cough up for the WannaCrypt ransom attack because it couldn't be certain that all hospitals had backed up patient records. Dan Taylor, head of security at NHS Digital, told thousands of NHS organisations everything about the attack – except explicitly …
Kat Hall, 25 May 2017

Feeling Locky, punk? Ransomware grew eight-fold last year

Ransomware saw a more than eight-fold (752 per cent) increase as a mode of attack in 2016, according to Trend Micro. The infosec firm estimates file-scrambling malware families such as Locky and Goldeneye raked in $1 billion in 2016. 2016 was the year when ransomware ruled, and this danger has been maintained by recent …
John Leyden, 24 May 2017

Network-sniffing, automation, machine learning: How to get better threat intel

IT teams can get away with poor service management, outdated software development methods and outdated apps running on legacy tin, but they might want to think twice before skimping on cybersecurity. If you don't stay on top of this stuff, while you might not be found out today or tomorrow, eventually, your customers’ personal …
Danny Bradbury, 24 May 2017

Wannacry: Everything you still need to know because there were so many unanswered Qs

Vid It has been a week since the Wannacry ransomware burst onto the world's computers – and security researchers think they have figured out how it all started. Many assumed the nasty code made its way into organizations via email – either spammed out, or tailored for specific individuals – using infected attachments. Once …
Iain Thomson, 20 May 2017

Crooks use WannaCrypt hysteria as hook for BT-branded phishing emails

Scoundrels have latched on to the WannaCrypt outbreak as a theme for scam emails. Coincidentally some consumers are receiving seemingly genuine warnings from their ISPs related to suspected infection during last week's worldwide ransomware outbreak. Action Fraud warned about a dodgy email trying to trick BT customers on …
John Leyden, 19 May 2017

There's a ransom-free fix for WannaCrypt. Oh snap, you've rebooted your XP box

Windows XP PCs infected by WannaCrypt can be decrypted without paying ransom by using a new utility dubbed Wannakey. Wannakey offers in-memory key recovery for Win XP machines infected by the infamous ransomware strain. The fix can be used to dump encryption keys from memory. This RSA private key, once recovered, can be used …
John Leyden, 19 May 2017

Great Ormond Street children's hospital still offline after WannaCrypt omnishambles

Updated The internationally famous Great Ormond Street Hospital has been taken offline as a safety measure following last week's catastrophic WannaCrypt outbreak. The London-based children's hospital was not itself hit by the ransomware but has nonetheless quarantined its computer network. This has left staff without either email or …
John Leyden, 18 May 2017

Biting the hand that feeds IT © 1998–2017