It was a very slow week for ransomware news. For the most part, it was mostly new Dharma ransomware variants and a few smaller variants being released. Stay vigilant, though, as a slow week does not mean ransomware is not a threat.
Make sure you have all of your updates installed, RDP secured, and be careful with unknown attachments.
Contributors and those who provided new ransomware information and stories this week include: @jorntvdw, @PolarToffee, @Seifreed, @BleepinComputer, @hexwaxwing, @fwosar, @demonslay335, @DanielGallagher, @FourOctets, @malwrhunterteam, @LawrenceAbrams, @struppigel, @malwareforme, @MarceloRivero, and @JakubKroustek.
November 3rd 2018
November 5th 2018
Marcelo Rivero found Kraken Cryptor 2.2 being distributed through the Fallout Exploit Kit. The price changed from: 0.1 BTC to $80 dollars and the wallpaper changed to a Cerber style background.
A new ransomware was discovered by Michael Gillespie that prepends the (enc) string to encrypted file names and drops a ransom note named aboutYourFiles.txt. For example, test.jpg would be encrypted and renamed to (enc)test.jpg.
Michael Gillespie discovered a new Dharma Ransomware variant that appends the .adobe extension to encrypted files.
November 6th 2018
Michael Gillespie found a new Dharma Ransomware variant that appends the .tron extension to encrypted files.
November 9th 2018
Jakub Kroustek found two new Dharma Ransomware variants that append either the .AUDIT or .cccmn extension to encrypted files.
Michael Gillespie found a new PyCL Ransomware variant that uses the .impect extension for encrypted files and drops a ransom note named how to get back you files.txt.