Entries by FM Team

Ranstop blocks Bansomqare ransomware

Test subject Bansomqare ransomware “Bansomqare Wanna” is relatively new ransomware with some particularities, even though it has partly similar code with the infamous WannaCry. It is distributed using email campaigns and infected documents, and it disguises itself as the popular mobile app WhatsApp to trick the user into running the executable. Bansomqare ransomware test facts […]

Ranstop blocks ScammerLocker ransomware

Test subject ScammerLocker (Jodis) ransomware Based on the well known and publicly available HiddenTear ransomware code, ScammerLocker is relatively simple but highly efficient ransomware. HiddenTear is continuously improved, and because it is opensource, we should expect new variants to appear. Other variants of HiddenTear include Oxar, May, Krypton, MoWare, Franzi or Ultimo.  Distribution channels differ […]

Ranstop blocks Princess Locker v2 ransomware

Test subject – Princess Locker v2 ransomware Princess Locker represents a relatively known type of ransomware which seems to have evolved from the same family as Alma Locker. It was first discovered in 2016 and a second version was released relatively recently, and it is very active at present. Princess Locker ransomware test facts The […]

Ranstop blocks GrandCrab ransomware

Test subject – GrandCrab ransomware GandCrab (v1) is distinctive ransomware which was released at the end of January this year and infected around 50k PCs around the world. It is the first one to use the Dash cryptocurrency as payment, while Bitcoin being the first choice of most ransomware currently active. Dash is more privacy […]

Ranstop blocks Annabelle ransomware

Test subject – Annabelle ransomware As its name suggests, Annabelle is one of the most “horrific” ransomware of the last few months, probably inspired by the horror movie franchise with the same title. Its purpose is unlikely to produce revenues, but rather to create panic among its victims and to irreversibly damage data. Annabelle ransomware […]

Notable ransomware attacks in the first two months of 2018

After a tumultuous 2017, marked by notorious attacks like WannaCry, NotPetya, BadRabbit which caused severe disruption and losses of billion dollars, ransomware is expected to continue to hit businesses in 2018 as well. How 2018 looks so far The first two months of 2018 didn’t reveal any massive ransomware outbreak, but the year started with […]

Ranstop blocks Umaru, a Japanese ransomware

Test subject – Umaru, the Japanese ransomware Umaru or DriedSister is an unusual ransomware, in the sense that unlike most ransomware, this one encrypts files, but does not ask users to pay a ransom. The virus is relatively new, being reported in February 2018 and it seems it was conceived to attack Japanese users in […]

Ranstop anti-ransomware blocks Velso ransomware

Test subject – Velso ransomware Velso is a relatively new type of ransomware first reported in January 2018. The virus spreads mainly through spam emails which contain documents with malicious macros. When activated, the macros drop and execute the ransomware on the victim machines. The ransomware uses strong encryption (AES 256 and RSA 1024) to conceal […]

New variant of Petya ransomware attacks computers worldwide

Less than two months ago, WannaCry made the headlines as the most destructive malware in the history. This time the world faces a new virus which uses the functionality of Petya ransomware: Petrwrap. It has already hit many companies and institutions from different countries including Merck, Rosneft, Maersk, Mondelez, causing severe operational disruptions. How Petrwrap […]