- Threat Encyclopedia
- Malware
This ransomware uses a free photo upload service as its C&C server. This way, it is able to mask its C&C routines.
Read more
This ransomware uses Pokemon Go probably to hide its true nature. It tries to spread copies of itself on removable drives as PokemonGo.
Read more
This ransomware, also known as R980 ransomware, resembles some aspects of RANSOM_MADLOCKER as it drops files other than ransom notes. It also avoids certain file paths.
Read more
This ransomware is written in Jscript, a scripting language designed for Windows. This variant comes from an .
Read more
This ransomware is believed to be patterned after WALTRIX/CRYPTXXX. It almost has the same routines as the aforementioned ransomware family, save for a few minor differences.
Read more
This ransomware, seemingly similar to JIGSAW ransomware, threatens to delete one file six hours after non-payment. It threatens to delete all encrypted files after 96 hours of non-payment.
Read more
This ransomware is delivered as an attached document, via spam email. It disguises itself as a fake Thai customs form.
Read more
This ransomware has the ability to encrypt files found on an affected system. This routine makes these files inaccessible until a ransom is paid.
Read more
This ransomware is written in Jscript, a scripting language designed for Windows. Particularly, it is for Internet Explorer.
Read more
This JIGSAW ransomware uses chat support to aid customers in paying the demanded ransom. Previous variants of JIGSAW are known to use scary or porn-related ransom messages.
Read more