KillDisk now targeting Linux: Demands $250K ransom, but can’t decrypt

ESET researchers have discovered a Linux variant of the KillDisk malware that was used in Ukraine in attacks against the country’s critical infrastructure in late 2015 and against a number of targets within its financial sector in December 2016. This new variant renders Linux machines unbootable, after encrypting files and requesting a large ransom. But … More KillDisk now targeting Linux: Demands $250K ransom, but can’t decrypt

ESET releases free decryptor for Crysis ransomware

Update (March 2nd, 2017): Decryption tool for Crysis ransomware updated for new version Today, ESET has released updated version of its free decryptor for victims of Crysis ransomware, adding new variant of the infamous ransomware – .dharma – to its list. The current update of ESET’s decrypting tool now can help victims of six variants … More ESET releases free decryptor for Crysis ransomware

NHS increasingly being targeted by ransomware attacks

NHS hospitals are increasingly being targeted with ransomware attacks, according to an investigation. The online newspaper found that in the past 12 months, at least 30 NHS trusts in England have been victim to this particular type of attack. In four cases, the incident had to be reported as a “potential breach of data protection or … More NHS increasingly being targeted by ransomware attacks

Ransomware: Expert advice on how to keep safe and secure

Ransomware is malicious software that criminals use to hold computers or computer files to ransom, demanding payment from victims to get them back. Sadly, ransomware is an increasingly popular way for malware authors to extort money from companies and consumers alike. Paying criminals is never a good idea, even when it seems expedient. Ransomware authors … More Ransomware: Expert advice on how to keep safe and secure

School ransomware: A threat to be aware of

It can often feel like every day brings news stories about ransomware attacks on businesses, particularly at hospitals and schools. While the life-or-death nature of hospital data might force some healthcare organizations to accede to criminals’ demands in hopes of restoring access to that data as quickly as possible, some schools are also falling prey to these demands. Paying criminals … More School ransomware: A threat to be aware of

TorrentLocker: Crypto-ransomware still active, using same tactics

In December 2014, ESET released a white paper about TorrentLocker, a crypto-ransomware family spreading, via spam, email messages that impersonated local postal service, energy or telecom companies. The paper described its distribution scheme, its core functionalities, its network protocol and exposed some similarities with the Hesperbot banking trojan. During the last few months, we decided to … More TorrentLocker: Crypto-ransomware still active, using same tactics