Malware Categories: Ransomware

Not long after New Year’s eve we have the first ransomware of 2016. It is called Ransom32 and it’s not like all other ransomware. Cyber security researchers revealed that Ransom32 is the first ever ransomware powered by JavaScript. While majority of old ransomware was hazardous only for Windows OS, Ransom32 can infect all most common operating systems … Continued

RansomAES ransomware infection is a newly-detected crypto-malware, and researchers first spot it in May, 2018. It encrypts file using AES algorithm, and adds .RansomAES extension to the damaged digital data. According to researchers, the virus encrypts files from the desktop and every drive’s root folder. After looking closer into the ransomware, we found out that … Continued

RansomCuck ransomware is one of the most recent, if not the most recent, ransomware reported to proceed the victimization of poor users. This vile cyber threat is said to bear resemblance to Locky, TeslaCrypt and DetoxCrypto viruses in a way not specified further yet. Though it is already known that RansomCuck crypto-malware uses the popular asymmetric … Continued

Ransomnix ransomware virus has made its debut after its controllers hacked into an online shopping website called Themerchantadventurer.com. This is one of the few crypto-viruses that influence domains and their databases. Variant from 2016 called JapanLocker also had chosen this strategy of influencing webpages. In the description of this domain, we noticed a very straightforward … Continued

Gero (or .gero) is a typical ransomware virus: it locks your files and makes them unusable, plus it creates a file in which the developers of this virus ask you to pay them money, promising to fix your data in exchange for a few hundred dollars. On top of locking your files, Gero installs a … Continued

“.help” is a symptom of a malware infection. If your pictures, documents, and other items got renamed end with the extension “.help”, then your computer must have been infected with ransomware. .help is a file extension that’s used by various ransomware viruses, including the Phobos cryptovirus. As ransomware, .help uses cryptography to edit files on the … Continued

Ransomwared is the new cryptovirus, which was discovered by the malware researchers this late-December 2018. The name stems from the extension this ransom-demanding threat uses to mark encrypted files (‘.ransomwared’). As you can tell, such type of infection benefits crooks in a very specific way – from the payments which victims voluntarily send to receive unique … Continued

RansomWarrior 1.0 originates from India and that’s another dangerous ransomware infection. Ransomware is a type of computer virus that locks up personal files by employing a strong cryptography and encrypting them. They make money by forcing users to pay a ransom in an exchange for a decryption tool that should reverse the encryption process and make … Continued

Ranzy Locker is file-encrypting ransomware. It spreads in emails and malicious ads. Ranzy is descended from ThunderX, but it’s newer and more secure. It locks files and appends Ranzy, RNZ, Ranzylocked, Tx_locked, or similar extensions to their names. It might also steal data and post it online if the ransom is not paid. In short about Ranzy ransomware: Classification Ransomware. … Continued

Rapid ransomware is an extremely dangerous virus actively spreading in Europe and the US right now. As it is reported, this virus was launched in January 2018 and has been infecting thousands of users since then, most of them in Europe. It is a typical and unique ransomware infection at the same time – it … Continued

Ravnateljstvo Policije virus is a ransomware that attacks computers located in Croatia. The program uses a name of local police in order to trick random users and swindle their money away. It basically displays a message on the infected computer that hides under the name of Croatian Police. The message blames you for using some … Continued

Razy virus is another example of a crypto-ransomware infection, encoding files and demanding a ransom for the private decryption key. However, this variant was created for only educational purposes and founders had no intention to release this threat into the society. It would be best not to create ransomware viruses in the first place even … Continued

Rebus ransomware is not completely unique computer virus – it is just a new, updated version of Scarab ransomware which was given a different name. Once infiltrated into the computer, Rebus ransomware will try to lock your personal files by applying a special cryptography algorithm. Then, in order to get those files back, you will … Continued

File-encrypting ransomware is a type of malware that is made to block the victim’s access to their own files, or else require them to pay money to get that access. Reco is an example of such malware. It has been discovered very recently and it uses cryptography to break the victim’s files. Reco is a new … Continued

Is another version of Paradise — a cryptovirus that affects computers running the Windows operating system.  Like other ransomware, Recognizer ransomware encrypts files and holds them hostage until the victim pays money in exchange for fixing the issue. Recognizer ransomware is dangerous because there is no obvious way to decrypt the files — it uses … Continued

Recry1 is the name of a computer virus that locks files and forces people to pay money to get them back. This type of infection can cause a lot of inconvenience and grief if you aren’t ready for it. Unlike screen lockers like CIA Special Agent 767 Screen Locker, cryptoviruses like Pottieq, Drume, and Recry1 cannot be easily … Continued

Rectot is a serious virus that affects computers running the Windows operating system. Rectot is a type of ransomware (cyber extortion) that encrypts files to make them inaccessible until a ransom is paid. The symptoms of Rectot Files that are encrypted by Rectot are named [old file name].rectot. Not only are they renamed, but they’re … Continued

RedBoot ransomware virus was first detected several years back. At that time, security specialists did not pay much attention to it as the found sample was poorly coded and ended up being placed into category of unfinished ransomware. This in development threat resurfaced in 23rd of September (2017) and carries similarities to infections like NotPetya … Continued

RedDot ransomware, aka Findnotefile, is a malicious file-encrypting extortion program. It infects Windows PCs, breaks files, and demands the victim to contact the attackers via email to work out the details of the ransom payment. If the victim doesn’t pay the ransom, their files remain encrypted – as good as corrupted. Red Dot is also … Continued

Redeemer ransomware is a malicious program that attacks computers and locks their files. The malicious actors behind Redeemer want to be paid thousands of dollars in order to fix the files that were broken. At the moment, there’s no solution to fixing the files encrypted by Redeemer. About Redeemer ransomware: Threat type Ransomware, trojan. How to … Continued

RedEye is a ransomware/wiper virus. Even though there are some signs that this infection might be encrypting files and you will be forced to pay a ransom in order to retrieve them, we honestly doubt it – recent evidence shows that the virus simply replaces your files with empty ones and then runs a countdown … Continued

Redl is ransomware – malicious software that prevents you from accessing your own files by encrypting them. It’s recognized by files having a second extension, “.redl”. Redl is part of an extortion scheme where the victims are being bullied into paying money to criminals to get their files back. It might be possible for you … Continued

Redmat is a file-encrypting virus which threatens that your files will never be restored unless you pay a sum of hundreds of dollars to the criminals who developed and released Redmat. Redmat is another member of the very aggressive and persistent STOP/DJVU family of ransomware viruses. New versions keep being released, and Redmat is one … Continued

Refols is a new iteration of the DJVU virus that we have written about here. Refols is the type of virus that seeks to make files on a computer inaccessible unless the victim pays a ransom (usually hundreds of dollars) to the cybercriminals responsible for the malware (and we really do not recommend paying). There are a … Continued

Reha is Djvu-type ransomware; it encrypts files to break them and make them unusable. Cybercriminals are using Reha to extort victims of money by promising them to fix the files in exchange for money. Reha locks files and renames them by adding a fake “.reha” extension. It spreads with pirated files and installs a password-stealer on … Continued

Rejg is a malicious file-encrypting program. It is a type of Djvu ransomware, a big family of file-encrypting malware that also includes Wrui, Npsk, and dozens of other infections. You may have heard of it, it used to be incredibly widespread. Rejg’s goal is to get the victims to pay a ransom – hundreds of dollars … Continued

On September 14, 2018, a new cryptovirus called Rektware ransomware (or PRZ ransomware) was reported on Twitter by Serbian Security researcher . In the post malware expert also included a live demonstration of Rektware virus infection, which disclosed some interesting features and remorseless file locking and ransom note display. At the moment there is not … Continued

Reloadit Virus is a dangerous ransomware which belongs to the same family of malware as the infamous Ukash Virus, FBI Moneypak Virus, Paysafecard Virus or Moneygram Virus. Once infiltrated into the system it does not start acting at once. After some minutes it will lock your computer screen with a message similar to the one … Continued

This particular virus was first discovered by a cyber security researcher Dmitriy Melikov last week. There is no doubt that Relock is related to the well-known Matrix ransomware. In fact, it can be called as a new version of Matrix virus because it shares identically same features and a few updates. In general, you should … Continued

There is nothing ordinary about RensenWare crypto-virus. The creator of this sample chose a unique strategy: instead of demanding a ransom, infection obliges victims to pursue a different goal. Victims are expected to play a video game, called TH12 – Undefined Fantastic Object. However, it won’t be enough to merely play the game, the players … Continued

Repp is a file locker used by cybercriminals to extort victims of hundreds of dollars. It spreads from pirating sites and infects Windows PCs. Repp is named so because it locks files and then changes their names to end with “.repp”. The locked files can’t be easily fixed, but Repp definitely needs to be removed … Continued

Reqg is a file-locking virus. Once it’s on a computer, it encrypts various files (pictures, music, documents) so that they can no longer be opened. Reqg then asks for hundreds of dollars to fix these files. Reqg can be deleted with antivirus programs, but this doesn’t decrypt (fix) the files that were broken. To do … Continued

Resurrection ransomware virus is a Harry-Potter-themed infection. The ransom note, found as a .html file, will launch in the preferred browser and play an additional audio track. The music, similar to the worldwide franchise, will accompany the ransom note, beginning with words “Hi,this is not your lucky because this is not a joke, all your … Continued

Retis ransomware virus is a typical variant of crypto-malware. It uses and AES cipher to encrypt users’ digital files and marks damaged data with a familiar extension: .crypted. Ransomware samples like Fatboy, Kangaroo and Nemucod all use the same extension. Retis crypto-virus was first noticed on 19th of December and the sample investigated was called … Continued

Revenge crypto-virus is a fresh variant of ransomware that surfaced this spring. Its ransom note contains 4 versions of the same text, simply translated into separate languages. English, Italian, German, Polish and Korean variants are included into the # !!!HELP_FILE!!! #.TXT. This means that Revenge ransomware targets multiple countries and can expand its radar. The … Continued

Reyptson ransomware virus has come to infect Internet surfers and take their digital files as hostages. AES-128 cipher is utilized against users’ executables and after the file-encoding is concluded, the content of documents, photos, videos and other material becomes damaged to the point that it is not identifiable from previous encounters. Research about this cryto-virus … Continued

Ribd is file-encrypting ransomware. It attacks Windows computers and spreads with infected and pirated software. Most likely, Ribd is downloaded with other malware that causes all sorts of side effects, including pop-up ads in the browser. Ribd encrypts files and then changes their names to include the extension “ribd”, which makes this infection very identifiable. … Continued

There’s a new file-locking virus called Righ. It causes files to get a second file type extension “.righ” (for example, “list.txt.righ”). Righ is a type of Djvu, you might have heard of it – new versions have been coming out for many months. These file-lockers use cryptography to corrupt user files. They leave ransom notes … Continued

Rijndael crypto-malware is a virus by a hacker that goes by a nickname of humanpuff69. This is not the first creation from this hacker as there appears to be an older variant, comparable with the Rijndael infection. This piece of file-encrypting malware features a screen-locker which prevents users from accessing their whole system. Nevertheless, a … Continued

An extremely severe computer virus dubbed “Robin Hood And Family” is categorized as a ransomware for some obvious reasons. However, it can’t completely fit the description of typical ransomware infection because usually ransomware viruses just encrypt personal data and then force users to pay for it, while in this case,  Robin Hood and Family ransomware … Continued

RobinHood Ransomware was discovered no a while ago and it seems that it’s a pretty dangerous one – it uses AES encryption algorithm, the same as Diablo6 ransomware, so it can cause you all sorts of problems. First of all, this infection is categorised as ransomware because it tries to encrypt files stored on the computer … Continued

A belief that only a mature professional can design a crypto-ransomware virus is not always the case. Samples like Roga virus is one of those infections that should have spent more time in the work-shop before actually getting released to spread terror. It is not a complicated ransomware example since it can be solved with … Continued

Roger is file-encrypting ransomware. It attacks Windows PCs and encrypts the files that it finds. It then demands the victim to pay a ransom if they want the data to be repaired. It’s important to delete Roger ransomware and other infections. But fixing the encrypted files is another matter and it might be impossible to … Continued

Rokku Ransomware is a devious infection that secretly infiltrates into random systems and initiates malicious processes. The program scans your files and choose which ones to encrypt. It uses RSA-3072 algorithm to do that. To decrypt these files, you will need to use a private key, which is obviously not that easy to get. In … Continued

Roland ransomware is a computer virus that can completely ruin the system and make it practically unusable. As you can see, we categorize it as ransomware and that’s because the virus encrypts files stored on the hard drive, following by the request to pay a certain amount of money (ransom) to retrieve locked files. Even … Continued

Rooe is malware that affects Windows PCs. It gets downloaded with infected files, installers, and activators downloaded from illegal sites. Then it runs through the files on your computer, encrypting them in the process and renaming them by appending “.rooe” to their names. Rooe ransomware can be removed from your computer, but fixing the files … Continued

Rote is the name of a file-locking virus that renames the files it attacks to include a second extension – “rote”. This virus attacks most user files, including photos and documents, but doesn’t touch operating system files, so the attacked computer still works, but most of your files refuse to open. Rote can be very … Continued

Despite being a new member in the not-so-secret society of ransomware, Rotor virus manages to surprise even those that have seen numerous variants of these infections. The creators are exceptional: exceptionally greedy, we mean. With all other viruses demanding a ransom of 3 or 4 Bitcoins to the max, this specific example requires 4406.36 US … Continued