FBI Releases Master Decryption Keys for GandCrab Ransomware

Posted by & filed under Security Alerts.

The FBI has released the master decryption keys for GandCrab Ransomware versions 4, 5, 5.0.4, 5.1, and 5.2. Using these keys, any individual or organization can create and release their very own GandCrab decryptor. On June 1st, 2019, the developers behind the wildly successful GandCrab Ransomware announced that they were closing shop after allegedly amassing $2 billion in…

Sodinokibi Ransomware Exploits Windows Bug to Elevate Privileges

Posted by & filed under Security Alerts.

The Sodinokibi ransomware is looking to increase its privileges on a victim machine by exploiting a vulnerability in the Win32k component present on Windows 7 through 10 and Server editions. The file-encrypting malware stepped into the limelight in April when it started to exploit a critical vulnerability in Oracle WebLogic. Global spread: Sodinokibi, a.k.a. REvil, also exploits CVE-2018-8453,…

How to remove Ryuk Ransomware (Uninstall guide)

Posted by & filed under Security Alerts.

Ryuk ransomware is the cryptovirus that targets companies with large ransom demands to make more profit from one attack. However, ransomware can also affect everyday users and corrupt or delete their data. You need a thorough system scan to terminate the malware in time. Ryuk is a ransomware virus that has already attacked and encrypted…

Ryuk Ransomware Adds IP and Computer Name Blacklisting

Posted by & filed under Security Alerts.

A new variant of the Ryuk Ransomware has been discovered that adds IP address and computer blacklisting so that matching computers will not be encrypted. This new sample was discovered yesterday by MalwareHunterTeam, who saw that it was signed by a digital certificate. After this sample was examined by security researcher Vitali Kremez, it was discovered that a few changes were…

RobbinHood Ransomware Stops 181 Windows Services Before Encryption

Posted by & filed under Security Alerts.

According to source articles, RobbinHood ransomware has been discovered and it will stop 181 Windows services prior to the encryption taking place. It is thought that the ransomware might not be distributed through a typical spam campaign, but instead via other methods such as hacked remote desktop (RDP) services. Following is the ransom note created…