Ransomware

We have been tracking a prolific malvertising campaign for several weeks and captured a variety of payloads, including several stealers. One that we initially identified as Arkei turned out to be Vidar, a new piece of malware recently analyzed in detail by Fumik0_ in his post: Let’s dig into Vidar – An Arkei…

crypto

Several major U.S. newspapers reported they were victims of production-disrupting cyber attacks on or around the holidays. On December 29, the LA Times noted that an unknown actor used what experts believe to be Ryuk ransomware to infect systems needed to publish the newspaper, including computers that store the news…

Ransomware

A North Carolina water utility has been infected by ransomware in a breach the company says has forced customer-service functions offline and will require it to rebuild its computing infrastructure. Jacksonville, North Carolina-based Onslow Water and Sewer Authority (ONWASA) said in a statement that it was hit by the Ryuk ransomware virus in the middle…

crypto

A new variant of the Dharma Ransomware was released this week that appends the .brrr extension to encrypted files. This variant was first discovered by Jakub Kroustek, who tweeted a link to the sample on VirusTotal. Below we have outlined how this ransomware infects a computer, what happens when your files become encrypted, and…