  1. Jrs30

    Beyond TeslaCrypt: Crysis family lays claim to parts of its territory

    It has been two weeks since ESET created a TeslaCrypt decryptor, which allows victims of the ransomware to get their files back. This came on the back of its developers ceasing operations. Since then, over 32,000 users around the globe have taken advantage of this opportunity and downloaded the...
  2. frogboy

    Malvertising Push Infects 288 Popular Websites

    A large malvertising campaign hitting the Netherlands is affecting most of the popular Dutch websites, with a total of 288 sites being affected. Malvertising occurs when cyber-criminals create ads which are perceived as legitimate but actually spread malware by hiding a small piece of code deep in...
  3. bunchuu

    Crypto-Ransomware Vaccine from Bitdefender (BD Anti Ransomware)

    Recently, I stumbled on an article from the Bitdefender blog that claims they have released "a new vaccine tool which can protect against known and possible future versions of the CTB-Locker, Locky and TeslaCrypt crypto ransomware families". Their previous vaccine/version seems to have protected /appdata and...
  4. J

    Malware analysis Malware Network Analysis 23.03.2016

    Hi all. I made an analysis of a ransomware malware, and the detection ratio is not so high. Here are the VirusTotal results: https://www.virustotal.com/it/file/78d384fec2fed75aac1d42c1399fc0f0d465a8e8a1f5a53c6e875f6eba676678/analysis/ Detection ratio: 9/56 It is a ransomware, and...
  5. frogboy

    Nasty Trojan Spreads Global Ransomware via Email

    A fresh wave of infected emails is swirling around the globe, carrying a nasty ransomware payload. ESET is warning of an increased number of infected emails containing a malicious attachment, which downloads and installs ransomware onto an infected device. ESET telemetry detects this malicious...
  6. frogboy

    TeslaCrypt Posing as USPS in Ransomware Campaign

    AppRiver have issued a warning over a current TeslaCrypt Ransomware campaign which mimics the United States Postal Service (USPS). According to the company, TeslaCrypt are targeting users with emails that have USPS colors and graphics, including an attachment which is supposed to be an invoice...
  7. J

    Blackmailer trojan spread by emailing JS Script

    Introduction A new blackmailer variant email with new transmission characters was captured by Antiy Threat Situational Awareness System on December 2, 2015, which was guided by a JS script in compressed package rather than spread by sending binary file load directly. Antiy PTA group has made...
  8. upnorth

    TeslaCrypt

    The Talos Security Intelligence and Research Group (Talos) reported on April 27, 2015 that they made a tool (TeslaDecrypt) that was able to decrypt the files encrypted by the TeslaCrypt ransomware. My question is...does this tool still work? The tool is old by now but I'm still curious so...