Articles about ransomware

Baby looks taken aback/shocked/affronted. Photo by Shutterstock

Nothing could protect Durex peddler from NotPetya ransomware

The owner of the Dettol brand and Durex condoms could be left millions out of pocket after falling victim to the NotPetya ransomware last week. The malware attack, which centred on Ukraine but also affected several multinationals worldwide, disrupted production and deliveries at UK-based Reckitt Benckiser, a consumer goods …
John Leyden, 6 Jul 2017
Hospital, photo via Shutterstock

UK Parliament launches inquiry into NHS WannaCrypt outbreak

UK Parliamentary spending watchdogs at the National Audit Office have launched an inquiry into the impact of the recent WannaCrypt ransomware attack on the NHS. Although not aimed specifically at the NHS, the ransomware nonetheless spread across hospital networks, leaving medical staff unable to access patient data, forcing …
John Leyden, 5 Jul 2017
bank robbery

Ker-ching! NotPetya hackers cash out, demand 100 BTC for master decrypt key

All the Bitcoins paid by victims of the NotPetya ransomware attack were withdrawn overnight. Some paid the equivalent of $300 in Bitcoin even though there were no real means to recover their data. Just over 3.96 Bitcoins ($10,382) were drained from a wallet tied to NotPetya early on Wednesday morning, according to a Twitter …
John Leyden, 5 Jul 2017
malware

For all the chaos it sows, fewer than 1% of threats are actually ransomware

Ransomware dominated the threat landscape last year even though file-encrypting nasties made up less than one in a hundred examples of different Windows malware during 2016. The mode of action and damage created by file-encrypting trojans makes them a much greater threat than implied by a consideration of the numbers, …
John Leyden, 4 Jul 2017

'Janus' resurfaces: I was behind the original Petya. I want to help with NotPetya

A Twitter user purporting to speak for the cybercrime group behind the original Petya ransomware has claimed they want to help "repair" the damage caused by this week's attack. The Twitter account Janus Cybercrime Solutions (@JanusSecretary), which went dark for a time after the original Petya outbreak, was reactivated on …
John Leyden, 29 Jun 2017

NHS WannaCrypt postmortem: Outbreak blamed on lack of accountability

A lack of accountability and investment in cyber-security has been blamed for the recent WannaCrypt virus that hobbled multiple hospital NHS IT systems last month in England, a report by The Chartered Institute for IT concludes. The report, published today, comes following a similar, but more limited attack against UK-based …
John Leyden, 29 Jun 2017
TNT

Virus (cough, cough, Petya) goes postal at FedEx, shares halted

FedEx has suspended trading of its shares on the New York stock exchange after admitting that its subsidiary TNT Express has been hit by "an information system virus." The big package giant said no information had been stolen by the cyber-nasty and only some offices of TNT Express appear to have been disrupted. After yesterday …
Iain Thomson, 28 Jun 2017

Everything you need to know about the Petya, er, NotPetya nasty trashing PCs worldwide

Analysis It is now increasingly clear that the global outbreak of a file-scrambling software nasty targeting Microsoft Windows PCs was designed not to line the pockets of criminals, but spread merry mayhem. The malware, dubbed NotPetya because it masquerades as the Petya ransomware, exploded across the world on Tuesday, taking out …
Iain Thomson, 28 Jun 2017

Huge ransomware outbreak spreads in Ukraine and beyond

Updated A huge ‪ransomware‬ outbreak has hit major banks, utilities and telcos in Ukraine as well as victims in other countries. Check out our full analysis of the software nasty, here. Early analysis of the attack points towards a variant of the known Petya ransomware, a strain of malware that encrypts the filesystem tables and …
John Leyden, 27 Jun 2017
Sherlock Holmes

UCL ransomware attack traced to malvertising campaign

Security researchers have suggested that the ransomware attack on University College London last week was spread through a "malvertising" campaign. Proofpoint reckons the AdGholas group spread the infection using malware-tainted online ads. This was a "zero-click required" campaign that could infect users who simply visited a …
John Leyden, 22 Jun 2017
honda crv engine

Honda plant in Japan briefly stops making cars after fresh WannaCrypt outbreak

Honda said today that it had briefly halted operations at a car plant in Sayama, Japan earlier this week because of the infamous WannaCrypt ransomware. The Japanese car maker halted production for one day at a domestic vehicle plant on Monday after finding samples of the WannaCrypt ransomware in its computer network, Reuters …
John Leyden, 21 Jun 2017
A Ransom Note

South Korean hosting co. pays $1m ransom to end eight-day outage

A South Korean web hosting company is forking out just over US$1 million to ransomware scum after suffering more than eight days of nightmare. Nayana first announced the attack on June 10, saying customer video files and its database had been encrypted, and promising to work to recover the data. More than 150 servers were hit …
Office Space

If you haven't already obliterated your Jaff-infected comp, there is an antidote available

Security researchers have developed a free decryption tool for victims of the ‪Jaff‬ ransomware, meaning they can regain access to files without paying crooks. The utility – developed by boffins at Kaspersky Lab – works on all variants released to date. Of course there is still the possibility that the criminals behind Jaff …
John Leyden, 15 Jun 2017

Don't touch that mail! London uni fears '0-day' used to cram network with ransomware

Updated University College London is tonight tackling a serious ransomware outbreak that has scrambled academics' files. It is feared the software nasty may be exploiting a zero-day vulnerability, or is a previously unseen strain of malware as antivirus defenses did not spot it in time, we're told. Eggheads at the UK uni are urged to …
Shaun Nichols, 14 Jun 2017
A_KUDR http://www.shutterstock.com/gallery-1864778p1.html

Mac ransomware author is giving away malicious code to script kiddies

Security researchers have discovered a ransomware variant that targets Macs rather than Windows PCs. Although technically inferior to most current ransomware targeting Windows, it still encrypts or prevents access to victim's files, thereby causing real damage, according to researchers at Fortinet. MacRansom uses symmetric …
John Leyden, 12 Jun 2017

Japanese cops arrest their first ransomware-slinging menace – er, a 14-year-old school boy

Japanese cops have, for the first time ever, arrested a ransomware maker – a teenage tearaway. The 14-year-old from Osaka Prefecture in western Japan was collared on June 5 after police tracked him down as the suspected creator of home-grown ransomware that was being spammed out on social media and hosted on an overseas …
Iain Thomson, 6 Jun 2017

Crapness of WannaCrypt coding offers hope for ransomware victims

Mistakes in the WannaCrypt ransomware worm might allow files to be restored after infection. A crack team of security researchers at Kaspersky Lab has discovered that WannaCrypt/WannaCry, which infected hundreds of thousands of victims at the beginning of May, contains several coding errors. Most of the whoopsies make it …
John Leyden, 1 Jun 2017
Bouncer photo via Shutterstock

Acronis adds automated ransomware protection to latest Backup version

In a well-timed release Acronis has announced its Backup 12.5 product with automated ransomware protection and data integrity checking via blockchain. Acronis Backup 12.5 comes in two editions – Standard and Advanced – with an easy in-place upgrade by changing licence keys. We might think of the Standard edition for smaller …
Chris Mellor, 31 May 2017

Create a news alert about ransomware, or find more stories about ransomware.

Biting the hand that feeds IT © 1998–2017