Malware Categories: Ransomware

Skeleton Ransomware is dangerous ransomware infection that can cause detrimental damage to your computer. If you are not familiar with ransomware viruses yet, here’s a quick and accurate description about ransomware from Trendmicro: “Ransomware is a type of malware that prevents or limits users from accessing their system, either by locking the system’s screen or … Continued

Skull ransomware virus is not the same as SkullLocker screen locker that we have investigated before. Skull crypto-infection encodes files with AES method of cryptography and these damaged digital files become appended with a random extension, consisting of six letters. LockedByte ransomware was another variant that did not have a unique extension and simply marked … Continued

SkullLocker Screenlocker is not actually a ransomware, yet this category of malware is the closest to it. This virus can either be funny or tearful, it all depends on your ability to deal with it. So as you can guess, screenlocker aims to lock your screen and prevent you from using your computer. If you … Continued

SkyFile ransomware virus emerged at the beginning of April, 2018. Security researchers immediately noticed that this crypto-malware is filled with Russian debug logs, and has a command called “Attack” which exploits the EternalBlue. This vulnerability has been used before by ransomware viruses like WannaCry. Even though the patch for this flaw has been released, this … Continued

Skymap is a file-encrypting computer virus, a tool in the extortion scheme that has been filling the pockets of its developers since December 2018. Skymap is a new version of STOP/DJVU, a cryptovirus that spreads additional malware and changes system settings of the infected computers. Although there are a few ways to restore the encrypted … Continued

SkyName refers to a crypto-ransomware sample, targeting people from Czech Republic or other locations that might be using Czech language over others. It is possible that upon slithering into a device, a payload of SkyName virus is going to check whether Czech language is set as the preferred one. If it is not, it is … Continued

Smash! Ransomware is a new malicious program detected by MalwareHunterTeam. It uses the imagery from Super Mario Bros, a platform video game by Nintendo, namely, the image of the Super Mushroom, holding a knife. Though it calls itself a ransomware and acts in the ransomware-like manner, it cannot be regarded as one of the most … Continued

Smrss32 ransomware is a new ransomware discovered (about few weeks old), which states in the overelaborate ransom note that it is CryptoWall ransomware. Actually, it is the falsehood of the legend that its developers want to surround this ransomware virus. Smrss32 virus is simply another AES encryptor. About Smrss32 Ransomware Smrss32 cryptomalware encrypts the victim’s … Continued

SnowPicnic is a recently discovered computer virus that is officially listed as ransomware. Various cyber security experts believe that it is a clone of EnybenyCrypt virus, but it’s not known whether it is distributed by the same cyber criminals. Also, SnowPicnic ransomware employs different extension to lock files, so the same decryptor can’t be used for … Continued

Sodinokibi is an encrypting ransomware virus that targets servers which run Oracle WebLogic. The virus asks you to pay thousands of dollars to get your files back. On top of that, Sodinokibi developers also spread Gandcrab 5.2 to try and profit even more. Individuals usually have their computers infected in an automated way, with the help … Continued

SOLO ransomware is the newest cryptovirus discovery, which was spotted by the malware expert on October 22, 2018. This ransom demanding threat seems to be targeting German-speaking regions since the ransom note is written in German, however, that does not mean that SOLO virus cannot infect your PC if you are located elsewhere. SOLO Verschlüsselungssoftware (SOLO … Continued

Somik1 is a relatively new ransomware infection. It breaks the victim’s files by running them through a cryptographic algorithm and it asks for Bitcoins as “payment” for fixing them. Somik1 affects Windows PCs and its ransom notes are in English. It might be possible to fix the broken files for free with the decrypters that … Continued

This ransomware is dubbed “Sorry virus” because of the extension it adds to the encrypted files. Yet again, it is another ransomware based on Hidden Tear ransomware project. It is the main source of ransomware infections lately, as viruses like Krypton ransomware or ScammerLocker are also based on this project. If you are not familiar … Continued

The ransomware DCRTR-WDM hasn’t been idle and a new variant SOS (called that because it changes names of the files by adding “SOS” to the end) has started infecting computers. SOS is just another traditional file-encrypting extortion virus that doesn’t have a free decrypter available. SOS follows after various other WDM infections, such as Cryptes, … Continued

SpamHaus virus is a ransomware program that has used the name of an International nonprofit organization responsible for maintaining a number of realtime spam-blocking databases. Cyber criminals took this name and created a nasty program that seeks to steal money from computer users. Please note that a legitimate application SpamHaus does not collect money from … Continued

Spartacus ransomware virus is a new malware threat, targeting computers and encrypting digital files. Victims will notice a window with the instructions: extortionist insist that victims would write an e-mail message to [email protected] or [email protected] addresses. The exact ransom is not mentioned in the ransom note, and people will be informed of the fee after … Continued

Spiteful Doubletake – extremely dangerous computer virus that can completely paralyze your system. It is classified as ransomware, so once inside of your computer it will encrypt all personal files and demand a ransom in an exchange of a decryptor, which can unlock your files and put everything back to normal. Even though this infection … Continued

SpongeBob is a character on kids TV series, yet this time it means something different – Spongebob ransomware is another Bitcoin ransomware. ‘Spongebob ransomware turns out to be pretty square’ – on point headline from cyber security researchers at Scmagazine (1). Actually this virus is labeled as Spongebob ransomware 2.0 as we have seen a … Continued

Spora ransomware virus (1) was one of the novel infections that modified the common hassle of transmitting .zip files that possessed HTA file, managing to run an executable of JavaScript VBScript. According to the reports from June, Spora has adopted a more evasive strategy, skillful enough to remain undetected by anti-virus tools and other malware-hunting … Continued

Sqpc is a new ransomware infection. Sqpc breaks files by encrypting them and then adds a second extension, “.sqpc”, to their names. Then it tells you to pay hundreds of dollars to get your data back. And there’s no easy way to fix or decrypt it. Additionally, Sqpc installs adware and spyware that can lead … Continued

Sspq is a malicious program – file-encrypting ransomware. It’s part of the Djvu family along with Qscx, Mppq, Pahd, and other variants. Sspq infects Windows computers and locks files, then asks for money in exchange for unlocking them. After Sspq’s infection, it’s needed to remove all malware and consider your options of recovering the encrypted files. Unless … Continued

At the beginning of May 2018 a new crypto ransomware, called StalinLocker, has been noticed targeting primarily Russian – speaking users. Every part of this virus, starting with the name and ending with the screen note, is screaming – communism. However, the most interesting part is that it doesn’t require cryptocurrency ransom for the decryption … Continued

Stampado ransomware just like Payms ransomware is being sold on the Dark Web. Stampado cryptomalware shares many characteristics of CryptoLocker virus but cyber security researches concluded that Stampado virus has not been created by the same developers. This ransomware threat is being sold at the most ridiculous price ever – 39 USD is asked for … Continued

Stare is a cryptovirus and is a new version of the active Djvu (STOP) ransomware family. Stare’s developers make money by extorting the people whose computers they infect. This works because Stare targets what’s most precious to us — family photos, personal projects, schoolwork and job documents. When you think about your most important, months-long … Continued

StorageCrypter is a ransomware infection that uses the same encryption extension as notorious Locky virus. However, this computer virus is relatively new, thus there isn’t a lot of information about it yet, as we can only analyse some files of StorageCrypter that were uploaded to Virus Total Hybrid Analyscis websites. You might be already aware … Continued

Striked ransomware virus progressed to the point where security researchers had to consult victims about the possible elimination and decryption processes. This crypto-virus surfaced sometime around the 6th of July; shockingly, no explicit explanations about this infection have not been made yet. The Python language was selected to generate the infection and the creation was … Continued

Styx ransomware virus has been officially detected on 14th of December. However, one security researcher claims to have discovered it a while back, but got distracted due to a more intimidating crypto-virus. From the looks of it, the malware is not related to any previous infections. Therefore, it cannot be associate with any of the … Continued

SuperCrypt Ransomware is a very dangerous infection targeted to users from Europe. The main target of this ransomware is Windows Servers with Windows 2003 and Windows Server operating systems. The scheme of SuperCrypt ransomware is really similar to all other ransomware – firstly it encrypts files on server and then users are asked to pay … Continued

Suri is the name of an extremely dangerous computer virus. Recently discovered by MalwareHunterTeam and published on Twitter, this infection is classified as ransomware and it can cause severe damage to your personal files or completely paralyze your entire operating system, making your computer unusable. It seems that this particular infection is targeted to users … Continued

SyncCrypt ransomware virus is extortionists’ tireless venture to threaten computer owners into silently handing over impressive sums of bitcoins. This threat has something in common with Locky crypto-virus: they both have been noticed to be transmitted in .wsf infectious files. In a neat readme.html and readme.png, people are introduced with most of the terms that … Continued

Syrk Ransomware is a file-encrypting virus that made waves recently for pretending to be a Fortnite cheat tool. Once it’s tricked the victim to download it, it makes a demand to be contacted so that the victim can send money to the developers of Syrk in the hopes of being freed from this malware. Syrk … Continued

If you have found your files renamed with the sysfrog extension and the [email protected] address in their names — the files unopenable, not recognizable by your programs — your computer must have been infected with Sysfrog. Sysfrog is a ransomware virus that encrypts files and demands money (around $3000) for fixing them. Even when the Sysfrog … Continued

SZFLocker ransomware is a Polish file-encrypting virus. It is a new ransomware threat, so security experts have not performed an extensive analysis of it yet. Once it is carried out, we will present you with the findings. At first blush, SZFLocker seems a typical sample of recent data-locking viruses, employing the same tactics. It sneaks … Continued

Even though some crypto-ransomware viruses include references to Japan in their titles (JapanLocker, KawaiiLocker) they do not seem to be targeting people from this country. However, Takahiro Locker seems to be focused on the latter audience as its ransom note and the lock screen present texts, written in Japanese characters. Anti-malware tools are able to … Continued

Tanos has been classified as GlobeImposter 2.0. This virus is a file-locker that encrypts the data on the infected system, preventing the victim from accessing their own files. Tanos is very similar to other GlobeImposter 2.0 variants, like Healforyou and IGAMI, though it’s not exactly known if the distributors are the same people. Either way, they’re is … Continued

Do not be distracted by a delightful title and a mascot of TAR-Fluffy ransomware infection. Despite featuring a picture of an executable, containing a picture of a fluffy, tiny animal, the seriousness of this variant should not be underestimated. This specific example should be aiming at a specific audience: English and French speaking users since … Continued

TastyLock ransomware virus belongs to a big family of crypto-malware infections called CryptoMix. Released on January of 2017, CryptoMix virus had frequently resurfaced, but carried a different name. For instance, one of the oldest versions is CryptoShield which was released in February. One of the newest samples has been dubbed as WORK ransomware and its … Continued

TBlocker virus is a threatful ransomware infection that will try to rip you off for $300. It serves both as files locker and a screenlocker, so if you get infected with this virus – a lot of problems to deal with will be ahed of you. In case your computer is suffering from TBlocker or … Continued

Teamo ransomware is a recently discovered computer virus that aims to lock files using AES or RSA cryptography algorithms. It was discovered and published by Karsten Hahn, cyber security researcher. This virus features all the most common traits for a ransomware infection and is not really difficult to figure out. However, regardless that fact, it … Continued

TeamXRat (or Xpan, the earlier version is called Xorist) ransomware is no longer a threat. The cyber security researchers of Kaspersky Lab have managed to decrypt this cyber bug. It was detected as Trojan-Ransom.Win32.Xpan.a and PDM:Trojan.Win32.Generic. This cryptomalware was developed by Brazilian hackers, who call themselves TeamXRat or CorporacaoXRat (CorporationXRat in English). TeamXRat ransomware virus … Continued

Telecrypt ransomware is a new peculiar ransomware virus discovered by the researchers of Kaspersky Lab, namely, Anton Ivanov and Fedor Sinitsyn, at the beginning of November, 2016. This new ransomware virus has been called Telecrypt because it uses Telegram instead of the C&C (Command and Control) server to send the generated decryption key to the … Continued

TeslaCrypt emerged in the March of 2015 as ransomware targeted at gamers. Since then it has had a decryptor released (more below). Not all TeslaCrypt variants have been solved by this decryption tool, but many have been. However, a. It could be a coincidence, or it could herald a return for TeslaCrypt. TeslaCrypt is the … Continued

Have you noticed that most of your files (images, spreadsheets, documents, and others) can’t be opened anymore? Locked files are a clear symptom of a ransomware infection but most cryptoviruses leave a clear way to identify them by editing the names of the locked files. TFlower is one of the cryptoviruses that prefer to not … Continued

Tfudeq is a newly discovered, dangerous computer virus that can completely ruin your system and lock all of your personal files. In case you are wondering how this virus manages to lock files stored on a hard drive, it’s really simple – it employs unique cryptography and changes the structure of your files. That means they … Continued

Yet another dangerous virus Thanatos was discovered by MalwareHunterTeam just yesterday and we already have our hands on it. This virus is categorised as a ransomware, i.e. it will try to encrypt your files and demand a ransom to be paid in order to retrieve them. In fact, it is a very first ransomware infection … Continued

Thanos ransomware encrypts files and may steal data. It has many variants, including “locked”, “getin”, “CRYSTAL”, “secure”, “kingdee”, “VIPxxx”, and others. Thanos tends to spread with phishing emails. It is ransomware-as-a-service and it is related to Prometheus and Hakbit. About Thanos ransomware: Threat type Ransomware, trojan. How to recognize Thanos Thanos uses many different file extensions and … Continued