Posts

Ranstop blocks CryCipher ransomware

Test subject – CryCipher ransomware CryCipher is among of the first ransomware discovered at the beginning of this new year. There’s no indication, as of yet, if the ransomware is related/part of with any existing ransomware families. CryCipher ransomware test facts It’s also been a while since we saw this type of ransomware. CryCipher, upon […]

Ranstop blocks Gerber ransomware

Test subject – Gerber ransomware Distributed via spam email campaigns and malicious links, Gerber is back with a new variant, after a very busy December. At least 5 variants were discovered only this month and no decrypting tools were released for any of them. All variants target all versions of Windows, encrypting files using AES-265 […]

Ranstop blocks Delphimorix ransomware

Test subject – Delphimorix ransomware Delphimorix is a new ransomware, emerged at the end of the last month. Since then, in just a couple of weeks, the authors released a few new variants, changing the ransom note but little in the code itself. At first, they demanded 101 Bitcoins to recover the files, but with […]

Ranstop blocks Minotaur ransomware

Test subject – Minotaur ransomware A classic ransomware, Minotaur made its appearance just last week, currently being distributed using email campaigns and several fake or modified office files. It’s a simple ransomware and not particularly effective, missing a few files and folders in our test. Nevertheless, it can do quite a damage, destroying the files […]

Ranstop blocks ONI ransomware

Test subject – ONI ransomware In October last year, many Japanese companies were under attack for as long as a few months, during which cybercriminals were exfiltrating, encrypting data and destroying mission-critical devices. One of the ransomware used in these attacks was ONI. Almost a year later, last month, a new ONI ransomware was released. […]

Ranstop blocks PyLocky ransomware

Test subject – PyLocky ransomware PyLocky is a new ransomware which made its way to the digital world at the end of July, mostly via email campaigns. The core part is written in Python and it is packaged with PyInstaller. Besides the common ransomware-related features, it also exhibits a more complex behavior which prevents or […]

Ranstop stops KeyPass ransomware

Test subject – KeyPass ransomware Emerged last month, KeyPass is one of the first ransomware who managed to get noticed not just because of a significant distribution campaign, but also because of its new features. It was spotted in more than 20 countries around the world and has attacked a few hundred so far. However, […]

Ranstop blocks PrincessLocker Evolution ransomware

Test subject – PrincessLocker Evolution ransomware PrincessLocker first emerged in 2016, and since then, several versions and variants were released. We covered one of these in this article. This one is called “Evolution” and it was quickly advertised as a RaaS (ransomware as a service) by the malware developers. This means that anybody willing to […]

Ranstop stops LockyLocker ransomware

Test subject – LockyLocker ransomware LockyLocker (also known as PyLocker) is a new ransomware which made its way to the digital world at the end of July, mostly via email campaigns. It was also discovered bundled alongside legitimate software, made with InnoSetup, so this should serve as a heads-up. It’s worth mentioning that this particular […]

Ranstop blocks DBGer ransomware

Test subject – DBGer ransomware A new Satan variant was recently released, having quite a few updates. It’s called DBGer, named after the extension it adds to the encrypted files. Satan has been around for quite some time, and it is very popular among cybercriminals, mostly because of their Ransomware-as-a-Service (RaaS) portal, which makes it […]