[email protected] virus

[email protected] is one of the email addresses (the other is [email protected]) of some cybercriminals, used in an extortion scheme that some call the RSA ransomware. RSA, which usually is a name of one of the most popular encryption algorithms, is in this case used as the file type for files locked by the RSA virus. … Continued

Rumba virus

This past week, but the weekend especially, was uneasy for so many users globally, because they were hit by new ransomware called Rumba virus. Actually, this threat, that adds the .rumba string to every file’s name it finds in the system, is not that new. It is an update of an old STOP (DJVU) ransomware. … Continued

RumbleCrypt Ransomware

RumbleCrypt ransomware is one of the latest ransomware threats released. This virus, as the majority of elaborate ransomware viruses, uses the asymmetric encryption algorithm to encrypt the victim’s data. The key, which can unlock the victim’s files is buried deeply into the servers controlled by the developers of RumbleCrypt. They refuse to give it to … Continued

Ryuk ransomware

Ryuk ransomware is a new virus that was noticed by the around mid-August 2018. It was reported that this, at first unidentified, virus in two weeks attacked 3 companies which are from the US and Germany and 1 of them being a healthcare facility, as well as other victims, in total gaining US $640,000. Ryuk … Continued

Sad ransomware

Sad ransomware is a recently discovered computer virus. The discovery was made by Leo (cyber security researcher) and published on a Twitter post. While most of the features of this ransomware is pretty common, it also has a rather unique trait – Sad ransomware tends to spread among computers on the same network. For instance, … Continued

SADStory ransomware

SADStory is a new crypto-virus, designed by the same group of crooks that are responsible for MafiaWare variant. Mafia Malware Indonesia is a collective of hackers that do not strike as extremely skilled professionals. Their developed infections are classified as weak as they are based on open source codes like HiddenTear. Such ransomware is not … Continued

Sage 2 ransomware

The first version of Sage crypto-virus was discovered by our research group in the 7th of December, 2016. Nearly two months after we released our article about it, a new sample was detected to run in the cyber fields as a second addition of the Sage threat. The primary version was not a ground-breaking infection … Continued

Sage Ransomware

Sage ransomware is written from the source code, which is the code of TeslaCrypt. It is one of the many encrypting trojans, but despite the fact that Sage crypto-malware does not have some specific features does not make it a less threatening cyber pest. The name of this ransomware threat fits the program code it … Continued

Salsa ransomware

Salsa crypto-virus is a recent infection that demonstrates some peculiar elements. First, it has a separate html file for each ransom note in a different language. Presumably, so it would know which one should be inserted into victims’ devices, the ransomware would either figure out which language is set as a preference or learn users’ … Continued

SamSam Ransomware

SamSam ransomware (also Samas/Samsa/MSIL.B/C), like many of ransomware viruses, uses asymmetric encryption algorithm. But the peculiarity of this particular file encrypter is that it generates the RSA key pair itself. Thus, it does not need to connect to a C&C (Command and Control) server to send the public key on the victim’s computer. Samsam encoder … Continued

Sanction Ransomware

Sanction Ransomware is a deceptive virus that encrypts your personal files and demands paying 3 BTC in order to get the decryption key. It passes a message that there is no other way to get your files restored and gives 72 hours to make the payments. Obviously it scares a lot of users and reaches … Continued

Sanctions Ransomware

During the weekend, ransomware creators were not resting: they developed a number of new infections. One of them is a Sanctions crypto-virus, crafted as a response to the attempts of sanctioning Russia for its reprehensible actions in Ukraine. Main communist symbol of a hammer and a sickle are spotted in the caricature that Sanctions virus … Continued

SARansom ransomware

SARansom ransomware is another virus found by in mid-August, 2018. This crypto infection earns money for the developers by encrypting personal files and asking for a ransom in exchange. The unique feature of SARansom virus is that it asks for unusually high payment of 5BTC (US $32,136.30). Apart from that, every other function works just as … Continued

Sarut Ransomware

Sarut is a new ransomware virus that is infecting people’s files and demanding a ransom. There are many similar infections and, if this virus left you a ransom note that looks anything like this one, you can tell that Sarut is a new member of the DJVU family of cryptoviruses. These malicious programs try to … Continued

Satan Cryptor 2.0 Ransomware

Satan Cryptor 2.0 ransomware virus is a newly-discovered crypto malware that features ransom notes in three different languages. People can select to view the demands in English, Korean and Chinese. Therefore, while it might target the Western world, its main focus could be on countries from Asia. It encrypt data with AES encryption and requires … Continued

Satan ransomware

January took an interesting and frightening turn when novel viruses began to pop. Just yesterday, our researchers were concerned with a complicated Spora virus which showed high-level encryption and resistance. Now, without advance warning, we have to introduce a new ransomware infection which definitely is not your typical virus. This time cunning hackers decided to … Continued

SATANA Ransomware

Another ransomware virus has been named after a fictional character from Marvel Comics. This time, Satana is selected as the villain to be honored: a half-demon, a daughter of Satan, groomed to be evil and cause chaos. SATANA virus can make any computer bow to it. It chose to surprise security researchers with the two-key … Continued

Saturn Ransomware virus

Saturn ransomware was recently discovered by at least several cyber security researchers and immediately put under the radar due to its’ unusual nature – Saturn is distributed for free as a tool that let’s anyone to become an amateur hacker and steal money from users. This phenomenon even has a special name – Raas (Ransomware … Continued

Satyr Ransomware Virus

Satyr Ransomware – dangerous computer infection that can cause a lot of damage. Actually, this infection can result in the loss of your personal files for good. It employs a strong cryptography to lock files on infected computer and then demands the ransom to be paid. Even though it might be worth to pay some … Continued

[email protected] Ransomware Virus

[email protected] is a code name for a dangerous ransomware virus that can cause a lot of damage to your computer. The name for this virus is not accidental – cyber criminals behind it use this email address for communication with victims. It can also be referred to as SAVEfiles virus because it employs .savefiles extension to lock … Continued

ScammerLocker ransomware

ScammerLocker virus is a ransomware infection, based on the Hidden Tear open source project. Multiple viruses are based on this project: CrY-TrOwX and Ordinal infections are only a few of the examples. ScammerLocker virus uses : after the encoding process is completed, users won’t be able to access most of their digital files. Researchers also … Continued

Scarab-Glutton Virus

Scarab-Glutton is believed to be an updated version of original Scarab ransomware. This computer virus also has another version – Scarab-XTBL. So what are the differences and similarities between those 3 viruses? They use the same code base and cryptography to encrypt files, as well as similar distribution techniques. The main difference is extensions that are … Continued

Scarab Ransomware

It has been recorded that a new type of ransomware dubbed “Scarab Ransomware” is being distributed in massive numbers right now. Distribution of this ransomware is carried out by the malspam campaign and the Necurs botnet is employed to pull this out. Even though the exact number is still unknown, it is clear that way … Continued

Scarab-XTBL Ransomware

Scarab-XTBL ransomware virus has been labelled as a new version of Scarab crypto-malware. We discussed this cyber threat in November, 2017, and this infection was distributed very rapidly at that time. At one point, Necurs Botnet had sent approximately 12.5 million email letters, containing attachments with Scarab ransomware. The new version uses AES algorithm to … Continued

Schwerer ransomware

Originally, Autoit was developed for the purpose of building automation scripts. Over the years, the possibilities of using Autoit increased to the point that it was practical to create malware with it. Schwerer crypto-virus has been crafted in Autoit and that makes it not a typical sample to examine. Other characteristics of this variant are more … Continued

ScreenLocker Ransomware

ScreenLocker is a a new ransomware is really similar to all other ransomware of this type. However, it has one strange attribute – it is not finished, yet released. This means that, if your computer is infected with this ransomware, you will have no opportunity to pay the ransom and retrieve your files. And this makes ScreenLocker even more … Continued

SDEN Ransomware

SDEN is ransomware — one of the most devastating types of malware. SDEN will encrypt your files (text documents, spreadsheets, movies, songs — almost every popular file format), making them unintelligible. This is, in theory, a reversible process and the criminals are offering to fix the files for a ransom. SDEN is a Matrix family ransomware. … Continued

Secretaría de Seguridad Pública virus

Secretaría de Seguridad Pública virus is one more ransomware program that misuses a name of police in order to convince computer users they have violated the law and get money from them. Basically, it accuses a victim with using and distributing of copyrighted or pornographic content. The program attacks computers located in Mexico and asks … Continued

SecretSystem Ransomware

SecretSystem Ransomware is a dangerous computer virus that can attack your system and hijack files stored on it. If you have been hit with this infection, you have to deal with two main problems – recover your files and remove the infection. First things first, let’s clean your computer from this infection and then we … Continued

SecureCryptor Ransomware

SecureCryptor is regarded to be a corruptive virus that uses malicious codes to perform dubious procedures inside your computer. It is a Trojan ransomware since the virus hides its payload as an executable file. It is a very severe infection and we are taking our time to inform you about it and provide possible solutions. … Continued

SEED LOCKER virus

SEED LOCKER is ransomware that uses cryptography to modify victim’s data in order to block it from being accessed unless you have a special decryptor and then selling that key code to the user for money. This is one of the most notorious infections your computer can have because of the difficulty of solving its … Continued

Seon Ransomware

Have your files been broken by something called “SEON Ransomware” after a visit to a video converting site? Seon is a family of file-locking viruses which have been around since November of 2018. The extension FIXT marks the files locked by Seon, but the encryption is deeper than just a new extension. If your computer is … Continued

Sepsis Ransomware

Sepsis ransomware is a kind of virus that will encrypt your personal files and then force you to pay a certain amount of money in order to get them back. While some of the computer viruses like browser hijackers or adware just infect computers and then monetize them by displaying advertisements or redirecting users to … Continued

Sequre Ransomware – Decryption Instructions

Sequre ransomware might be a game-changing computer virus – it employs unique technological solutions in order to avoid getting detected by anti-malware and anti-virus software and is capable of infecting computers that are well protected. Besides that, it’s just a regular ransomware infection that will try to decrypt your personal files and ask for a ransom to be … Continued

SerbRansom virus

A Serbian ransomware infection has been born, but its presence in the cyber world is weak (at least for now). People are not reporting this variant in action and such lack of complaints must mean that SerbRansom virus is yet to be involved in malicious spam campaigns or other trendy crafts of transmission. However, some … Continued

Serpent virus

Hackers will never yield: they have once again manufactured a cutting-edge ransomware infection: Serpent virus. Its creators express a great deal of attention to potential victims’ demographic location: they do not wish to compromise Russian-speaking users and that could be understood as a hint to where the hackers themselves could be from. Internet surfers, sitting next … Continued

Server CryptoMix virus

Server ransomware virus is a variant of CryptoMix infection. Different versions from the same developers of crypto-malware have been popping out on a regular basis. Just on the 2nd of January, we discussed a TastyLock ransomware which has nearly identical features. Each variant of CryptoMix virus uses unique email addresses. In the case of Server … Continued

Serviciul De Combaterea A Criminalităţii Informatice virus

Serviciul De Combaterea A Criminalităţii Informatice virus is a ransomware that targets computers i Romania. The program uses the name of Romanian Police (Poliţia Romana) and tries to scare the users of infected machines that they have done something illegal and attemots to make you pay a fine for that. Serviciul De Combaterea A Criminalităţii … Continued

Seto Ransomware

Seto ransomware is designed to lock your personal files after it gets on your computer. It often infects computers through pirated software and tries to disable Windows Defender and install a data-stealing trojan. This file-locker is an example of one of the worst kinds of malware. Ransomware’s destructive impact is exemplified by the way how everyone’s first … Continued

Sglh Ransomware

Sglh is ransomware that appends the “.sglh” extension to the files that it encrypts. It’s a malicious program that breaks files and demands money in exchange for fixing them – hundreds of dollars. Sglh is part of a large ransomware family, Djvu. It is known that this ransomware infects computers together with spyware and, sometimes, … Continued

Shade Ransomware

Shade Ransomware is an infection that can encrypt your personal files so you will not be able to open or use them anymore. In order to retrieve encrypted files, you will be asked to pay a certain ransom. However, paying the ransom does not mean that you will get your files back – most of … Continued

Shade8 Ransomware

Shade8 is a file locker that adds the “shade8” extension to user files, in addition to encrypting them. It’s based on the Hidden Tear open-source ransomware and is totally decryptable — it has a built-in backdoor that the creator put it there. Shade8 uses cryptography to lock common file types and, in theory, only the developers of the ransomware … Continued

Shariz File Locker

Shariz is the name of a ransom infection. Personal files, projects, job files that weren’t properly backed all can be completely corrupted by this virus with the help cryptography which makes them nearly impossible to recover. The virus continues to encrypt newly created files and spy on the victim, making it unsafe to use the … Continued

Shark Ransomware

Shark ransomware is a newly detected cyber threat which falls into the category of RaaS (Ransomware as a Service), joining such cryptomalwares as Stampado and Payms ransomwares. This ransomware virus has been discovered by the cyber security researcher David Montegro in the July of 2016. Ransomwares belonging to the RaaS category are especially dangerous because … Continued

Shark ransomware V2

Shark ransomware virus belongs to a specific family of file-encoders: CryptoMix. The latter virus was exploited as an example for the generation of EMPTY, Zayka and many other crypto-malware threats. According to the technical analysis of this infection, it exploits a strong RSA-2048 algorithm for encryption. As you would guess, .SHARK extension is appended to … Continued

Sherminator (Mr.Dec) Ransomware

Sherminator is a relatively new piece of malware that has started terrorizing people by locking their files and demanding money. It uses an unusual file extension for the locked files — [ID]xxxxxxxxxxxxxxxx[ID], but instead of ‘x’, you have random letters, numbers, and other symbols. This program was a few days ago, September of 2019, as … Continued

ShinoLocker Ransomware (Educational)

A new ransomware variant has been released. Just don’t panic. Its developer does not seek for extorting a hefty amount of money from you. In fact, he does not pursue extorting any money from you. ShinoLocker ransomware is a new educational ransomware developed by a cyber security researcher Shota Shinogi. This ransomware project aims at … Continued

ShutUpAndDance ransomware

On August 15, 2018, MalwareHunterTeam reported on their account about another Hidden Tear virus variant called ShutUpAndDance. This ransomware virus seems to be a typical crypto demanding threat like its other Github open-source malware project brothers AndreaGalli, PooleZoor, Sorry, Horros, Krypton, LanRan. It encrypts victim’s files with AES cipher, appends .ShutUpAndDance extension to their names and drops a READ_IT.txt ransom note with directions to contact the … Continued

Sigma Ransomware Analysis

Sigma ransomware was recently discovered by the cyber security researcher  and published on Twitter. It quickly gathered a lot of attention because of the insolent distribution methods and severe damage caused to the computers. Distributed via phishing emails Sigma virus is being distributed with phishing emails. In fact, a sample of such letter is available, … Continued

Sigrun

Sigrun virus is a recent crypto-ransomware that’s been spreading considerably fast in the virtual world since the middle of May 2018. It mainly targets English-speaking users, yet is not limited to any specific location. Although this malware does not differ from any other ransom virus, there is one thing that is unique about Sigrun and … Continued

Recent Posts

Security Guides

Recent Comments