The Week in Ransomware – November 9th 2018

It was a very slow week for ransomware news. For the most part, it was mostly new Dharma ransomware variants and a few smaller variants being released. Stay vigilant, though, as a slow week does not mean ransomware is not a threat.

Make sure you have all of your updates installed, RDP secured, and be careful with unknown attachments.

Contributors and those who provided new ransomware information and stories this week include: @jorntvdw, @PolarToffee, @Seifreed, @BleepinComputer, @hexwaxwing, @fwosar, @demonslay335, @DanielGallagher, @FourOctets, @malwrhunterteam, @LawrenceAbrams, @struppigel, @malwareforme@MarceloRivero, and @JakubKroustek.

November 3rd 2018

[email protected] Ransomware discovered

MalwareHunterTeam discovered the [email protected] ransomware that appends the .mariacbc extension to encrypted files.

M@r1a Ransomware

November 5th 2018

Kraken Cryptor 2.2 spread by Fallout exploit kit

Marcelo Rivero found Kraken Cryptor 2.2 being distributed through the Fallout Exploit Kit. The price changed from: 0.1 BTC to $80 dollars and the wallpaper changed to a Cerber style background.

Kraken Cryptor 2.2

New ransomware prepends enc

A new ransomware was discovered by Michael Gillespie that prepends the (enc) string to encrypted file names and drops a ransom note named aboutYourFiles.txt. For example, test.jpg would be encrypted and renamed to (enc)test.jpg.

New Dharma Ransomware variant

Michael Gillespie discovered a new Dharma Ransomware variant that appends the .adobe extension to encrypted files.

November 6th 2018

New Dharma Ransomware variant

Michael Gillespie found a new Dharma Ransomware variant that appends the .tron extension to encrypted files.


November 9th 2018

New Dharma Variant

Jakub Kroustek found two new Dharma Ransomware variants that append either the .AUDIT or .cccmn extension to encrypted files.

New PyCL Ransomware variant

Michael Gillespie found a new PyCL Ransomware variant that uses the .impect extension for encrypted files and drops a ransom note named how to get back you files.txt.

PyCL Ransom Note

That’s it for this week! Hope everyone has a nice weekend!

Click to comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Most Popular

To Top