Malware Categories: Ransomware

ArmaLocky ransomware virus encodes files with a combination of ciphers: RSA-4096 and AES-256 algorithms. This strategy has been adopted by a number of different file-encoders like May and FileFrozr computer infections. ArmaLocky ransomware is designed to append an extension of .armadilo1 to all executables that become corrupted by the selected encryption tactic. MlsoSvc.exe is considered … Continued

A brand new version of notorious Dharma ransomware is out and it is called Arrow ransomware. On the other side, Dharma ransomware is just a clone of CrySis virus, thus those 3 viruses are very similar to each other. As always, the name reflects the extension of ransomware virus, so in this case it is … Continued

Asasin ransomware virus is the freshest variant of a terrifying Locky which has recently become one of the most active crypto-malware infections. The newly-distributed infection should not be considered as a separate threat because it is generated by the same people that created .ykcol and Lukitus variants. Most of these infections are fully functional, while … Continued

Assembly ransomware virus is a dangerous threat that can lock your personal files and then ask for a ransom to unlock them. It is a brief definition of ransomware viruses, yet it perfectly fits in this case because Assembly infection does exactly that. Obviously, it would be the best to protect your computer from viruses … Continued

Atchbo or ExoLock ransomware virus is indicated to be one of the crypto-malware examples that have been designed by extortionists for the purpose of encrypting files and demanding ransoms. Last week was rather slow for the generation of ransomware viruses as we only discussed one infection called BlackMist. Atchbo virus appends .exo extension to the … Continued

ATLAS crypto-virus has been verified to be a variation of an older ransomware sample, going by the name of CHIP. We have dedicated a thorough article to this infection back in November of 2017 and after that, its activity slowly disappeared or was so minimum that it did not trigger any radars. In April of … Continued

A couple days ago MalwareHunterTeam shared on their about another lovely-named ransomware virus Aurora. Soon enough other malware professionals and joined in providing a little bit more information about the rapidly spreading crypto-virus. Before you take any radical, stress-induced actions, please read this article to learn the best ways to deal with Aurora/OneKeyLocker virus infection … Continued

AutoTron ransomware has been noticed targeting victims the past whole month of April 2018. The working principle of this crypto-extortionist is the same as any other ransom demanding virus: it enters the computer without your consent, encrypts your most valuable files, appends .TRON extension to the affected files’ names and asks for a certain amount … Continued

Avaddon is ransomware that encrypts files. It’s relatively new, but it’s already pretty well known. It comes in malicious attachments that arrive with spam emails. Once Avaddon is downloaded and installed, it steals some data, locks files and marks them with the avdn extension. Avaddon asks hundreds of dollars from each victim if they want to … Continued

Aviso ransomware springs from Spain. The word aviso means a warning in English. It was detected this month, that is the October of 2016, and was considered to be a new variant of TorrentLocker ransomware. Aviso cryptomalware is written in AutoIt, which is compatible with Windows OS. Thus, the users of Windows is the main target of … Continued

AYE ransomware – dangerous computer virus with an encryption algorithm. It is categorized as ransomware because once infiltrated into a computer it can encrypt files and demand for a ransom in order to restore them. It is not clear how much you will be asked to pay, but the payment must be made using cryptocurrency … Continued

aZaZeL ransomware virus is one of the newest samples of malware that has surfaced in the June of 2017. Security researchers found no relation between this variant and infections that came before it, which means that the authors of aZaZeL crypto-virus might be newbies in the field of producing ransomware infections. However, the detected sample … Continued

Azer crypto-virus is an elaborate infection that proceeds with a combination of ciphers that turns executables into barely-recognizable. This variant is generated by the same creators that introduced the CryptoMix nightmare: we already analyzed it and you can read about its technical features in our article. The newer sample requires victims to contact [email protected] email … Continued

Bablo is ransomware in the Phobos family. It renames your files by adding “[[email protected]].bablo” at the end and it prevents them from being opened and read. Bablo can be removed but that won’t fix the files. Restoring the broken files is complicated and, though there are some options, there’s no guaranteed solution. In short about … Continued

Bad Rabbit ransomware virus is not joking around and a massive global outbreak was detected on 24th of October, 2017. The situation strongly resembles crises of WannaCry and NotPetya infections. Bad Rabbit is not entirely a ransomware threat as it is considered to have traits of new-and-improved version of Petya. As you might already know, … Continued

Vicious attacks against the privacy of users are becoming even more intense. Threats made by ransomware creators can make many users do whatever it takes to save their precious files. About BadBlock Ransomware BadBlock Ransomware is a severe parasite like any other ransomware. It basically puts a knife to your neck and demands money for … Continued

Just like Defray or MoonCrypter ransomware, Balbaz ransomware is a virus from Hidden Tear ransomware family. It can cause you a lot of damage – your files might be lost for ever. So if you have encountered this infection on your computer, just stick with us and learn the best possible solutions for this particular problem. … Continued

Bam! ransomware virus commenced its activity at the end of July and is known for appending .bam, extension to the digital files that become encrypted with a special crypto-code. It does not append any .txt or .html executables to get victims familiar with the terms of the release of their files. It sets an eye-stabbing … Continued

BandarChor virus has been active for a while now and security researchers assign it to the wildly growing family of crypto-ransomware. These infections are much more pressing and far-reaching than potentially unwanted programs (PUPs) that do not cause actual damage or threaten infected victims. Ransomware viruses prefer a more aggressive approach of causing undeniable jitters. … Continued

Banks ransomware was discovered recently, in the last few weeks, after some victims reported it. This malware is a part of a crypto extortion attack that’s meant to collect money from the victims who agree to pay to fix the damage that the Banks virus has done. What this ransomware does is use cryptography to … Continued

Bansomqare ransomware virus is a new example of crypto-malware. According to researchers, the ransomware uses a combination of AES and RSA algorithms to encrypt digital data. All damaged files will feature .bitcoin extension. In addition to this, specialists also indicated that the payload of this infection is disguised as a mobile application called WhatsApp. From … Continued

Banta is recognized by “.banta” extension appended to the names of files locked by this malware. The virus is one that employs cryptographic algorithms to go through your data and edit each file by scrambling the data. It’s very similar to Adame, Help, and other members of the Phobos family and is a part of … Continued

Bart ransomware at your service: an innovative virus that employs a pretty simply-put strategy, showing the world that an elaborate encryption process is not always necessary to be successful. This virus has rare qualities that were not recognized and utilized before. DEFLATE algorithm for compression is put to use in order to gather all of … Continued

Bboo is a type of Djvu malware, file-encrypting ransomware that gets accidentally downloaded with cracking tools and pirated files. Bboo is called that because it adds “.bboo” to file names. In addition, it encrypts files with a unique encryption key for each victim. This makes recovering from Bboo quite difficult, though not always impossible. There are … Continued

STOP/Djvu ransomware keeps spreading, with a new version being found every few days. Berosuce is one of them, found on the 17th of July. It’s distributed by disguising it as wanted software. Unsuspecting victims download and run it only to find their files locked and the “.berosuce” extension appended to their names. Berosuce is the … Continued

If you’ve been hit by Besub ransomware, you will notice that your files don’t open, a text file called _readme.txt is posted all over your folders, and you’re unable to visit some websites. The Besub virus should not be underestimated — in the worst case, it can lose you all of your files. It harms those who … Continued

BGTX infection is extremely dangerous – if you have it on your computer, the majority of your personal files will be damaged and you won’t be able to use it anymore. It can’t cause damage to your operating system, so you will be able to continue using the system itself. However, since most of your … Continued

BitPaymer ransomware virus has been crafted by especially greedy (and unrealistic) developers. Its payload has been determined to be DUe1bLM.exe.bin file which is proclaimed to belong to Microsoft Corporation which should automatically translate that this executable is a regular process for Windows operating system to feature. Most of the anti-viruses that detected this file to … Continued

Bizer ransomware virus is a new player in the game, but it’s not completely new –  the code of this infection is based on the notorious Dharma ransomware virus. There are rumors that Bizer virus is just a new version of Dharma, but there is no clear evidence that developers of those two ransomware infections are … Continued

Do you remember a notorious ransomware called Dharma? Well, it seems that we have a new version of it on the table – bkp ransomware. The successor of Dharma employs very similar operational methods and aims to lock the personal data stored on the infected system. This ransomware virus wants to force you to pay the … Continued

A new variant of crypto-ransomware virus has been recently spotted with a rather elegant title. Black Feather is the name that represents the newly discovered infection. Maybe crooks with a more sophisticated palette crafted this disease but its name definitely should not overshadow the main function that ransomware viruses perform: they encrypt files and make … Continued

BlackFireEye Virus – a very harmful virus that can completely ruin your personal files and cause other types of damage. It is a ransomware virus so the one and only goal of BlackFireEye is to encrypt files stored on an infected computer and then force users to pay the ransom in order to receive decryptor. … Continued

Blackhat HFD ransomware virus is created according to an older ransomware infection, called MoWare HFD we investigated in May of 2017. After a little break, the same hackers return with a new sample, but the ransomware () is not well-prepared to be treated as a serious threat. This crypto-virus does not work properly and security researchers … Continued

BlackMist ransomware virus is one of the infections that are considered to be still in development. This means that the malware does not properly function and probably does not do any damage to the files. However, hackers could have distributed their software as a test-run and might introduce an improved version later on. The same … Continued

BlackRuby ransomware virus has been detected on 6th of February, 2018. In addition to encrypting data with AES algorithm, the virus also infects people with XMRig crypto-miner. Since miners have advanced enough and are detected daily, we are not surprised that  developers attempt to make money thru this strategy as well. Therefore, even if victims … Continued

BlackRuby2 ransomware virus is named this way because it adds .blackruby2 extension to encrypted files. As always, ransomware viruses are looking to infect computers, lock certain files and then ask for the ransom to be paid in order to decrypt them. BlackRuby2 fits this description just perfectly – it will do all those things and more. … Continued

BlackSheep ransomware virus is one of those file-encrypting infections that get immediately assigned to poorly-structured samples. StupidDecrypter tool has been adjusted to successfully recover digital data which could become corrupted by this brand-new variant. Developers of ransomware included the title “BlackSheep” into the ransom note and named the payload after it. As for the extension … Continued

It seems like there is a new outbreak of ransomware infections – earlier this week we have reported that a new version of Dharma ransomware, called Arrow virus is out and now we are facing another ransomware infection that belongs to the same family of ransomware viruses. This virus is not less dangerous whatsoever – … Continued

Blitzkrieg (“lightning war” in German), is the name of a new ransomware virus that affects Windows PCs. It looks and behaves like a lot of other file locking viruses, even though it has not been identified as related to any of them yet, meaning that free decryption of the locked files has not been developed … Continued

Blood Jaws or BloodJaws is a ransomware infection. It can cause detrimental damage to your system – possibly ruining all of your personal files, making them unusable. The one and only goal of this computer virus is to make money by infecting computers, locking up files stored there and then asking for a ransom to … Continued

Blooper virus should not be indicated as a real ransomware since it does not fulfill file-encryption process. We also cannot help but notice that many crypto-viruses have been shaped according to WannaCry. Victims might be frightened of the consequences of turning off the main window of this infection, but it has been officially confirmed that … Continued

BlueEagle ransomware virus  was discovered recently and we feel the need to inform you about it. It was first noticed by a well-known malware researcher  and published on Twitter. This Blue Eagle virus is looking to infect your computer and then encrypt files stored on the system. In order to receive unique key that would … Continued

Boom ransomware is a devastating, destructive computer virus that can turn your system into the garbage and make it unusable. If you have never heard of ransomware before, it is a cryptovirus that aims to lock all personal files that are stored on your computer and force you to pay a ransom to get the … Continued

Boooam is a file-locking virus named after the email address given by it — [email protected] The victims of Boooam have had their files corrupted, and they’re encouraged by the criminal to pay for a decryptor. Cyber extortion is a lucrative and criminal business which claims new victims every day. Boooam was earlier this week and … Continued

Did your files get turned into Boop-type files? Boop is a file-locking virus that uses cryptography to encrypt (corrupt) data. There’s a key that could reverse that. In exchange for that decryption key, Boop asks you for money – from $490 to $980. This is why Boop is called “ransomware”. Although Boop can be deleted … Continued

Boot is a new version of Djvu — a big ransomware family that’s been known for about two years. Boot works by encrypting the victim’s files and leaving behind a message demanding payment. Boot is similar to Karl, Nesa, Meds, and other Djvu viruses. They all encrypt the victim’s data and then ask for a … Continued

Discovered a few days ago, Bopador is a virus that affects Windows computers and user-created files. The virus is created for extorting people out of their money. Bopador is part of the STOP ransomware family, together with Access, Cezor, Drume, and others. Bopador is a close copy of the previous STOP viruses with the ability to … Continued