Malware
This ransomware uses a free photo upload service as its C&C server. This way, it is able to mask its C&C routines.
Read moreThis ransomware uses Pokemon Go probably to hide its true nature. It tries to spread copies of itself on removable drives as PokemonGo.
Read moreThis ransomware, also known as R980 ransomware, resembles some aspects of RANSOM_MADLOCKER as it drops files other than ransom notes. It also avoids certain file paths.
Read moreThis ransomware is written in Jscript, a scripting language designed for Windows. This variant comes from an .
Read moreThis ransomware is believed to be patterned after WALTRIX/CRYPTXXX. It almost has the same routines as the aforementioned ransomware family, save for a few minor differences.
Read moreThis ransomware, seemingly similar to JIGSAW ransomware, threatens to delete one file six hours after non-payment. It threatens to delete all encrypted files after 96 hours of non-payment.
Read moreThis ransomware is delivered as an attached document, via spam email. It disguises itself as a fake Thai customs form.
Read moreThis ransomware has the ability to encrypt files found on an affected system. This routine makes these files inaccessible until a ransom is paid.
Read moreThis ransomware is written in Jscript, a scripting language designed for Windows. Particularly, it is for Internet Explorer.
Read moreThis JIGSAW ransomware uses chat support to aid customers in paying the demanded ransom. Previous variants of JIGSAW are known to use scary or porn-related ransom messages.
Read more