Soft2Secure

The Avalanche malware deployment platform taken down

The Avalanche malware deployment platform taken down

Autumn 2016 didn’t end well for the international organized cybercrime. The U.S. Department of Justice, the FBI, Europol, Eurojust and Ukraine’s Department of Cyber Police, in collaboration with law enforcement agencies, prosecutors and investigators from 30 countries, zeroed in on a far-flung malware delivery network dubbed “Avalanche”. This well-orchestrated global operation with headquarters in The […]

Read more →

Posted in: News

Leave a Comment (0) →

San Francisco MUNI hacker hacked

San Francisco MUNI hacker hacked

Most ransomware deployers manage to stay unidentified because they exercise good OPSEC backed by The Onion Router and Bitcoin. The case of the cybercrook who compromised the computer network of the San Francisco Municipal Transportation Agency (Muni) last Friday turned out to be the exception rather than the rule. According to Brian Krebs, a well-known […]

Read more →

Posted in: News

Leave a Comment (0) →

.wallet file: no ransom to amagnus@india.com, stopper@india.com, lavandos@pr.com

.wallet file: no ransom to amagnus@india.com, stopper@india.com, lavandos@pr.com

A new ransomware plague is roving the Internet in search of victims. Its distinctive feature is the .wallet extension being appended to all personal files stored on a PC and network drives. The extension will also contain the attackers’ email address, which may be amagnus@india.com, stopper@india.com, or lavandos@pr.com. Researchers have denominated this strain the Dharma […]

Read more →

Posted in: KnowledgeBase

Leave a Comment (0) →

San Francisco MUNI hacked with ransomware

San Francisco MUNI hacked with ransomware

The IT infrastructure of the San Francisco Municipal Transit Agency (SFMTA), also referred to as Muni, has been suffering a deep ransomware impact since last weekend. The perpetrating program called HDDCryptor, also known as Mamba, hit more than 2,000 machines on Muni’s network. The collateral damage is that the infection disabled the agency’s digital fare […]

Read more →

Posted in: News

Leave a Comment (0) →

Cryptom27@yandex.com virus: HDDCryptor ransomware decryption and removal

Cryptom27@yandex.com virus: HDDCryptor ransomware decryption and removal

What can possibly be a more harmful computer threat than file-encrypting ransomware? The only infection that beats this malware category in terms of the damage is the perpetrating code that affects Master Boot Record of a targeted machine. HDDCryptor, aka Mamba ransomware, completely denies access to a compromised operating system, encodes important files and instructs […]

Read more →

Posted in: KnowledgeBase

Leave a Comment (0) →

ZZZZZ file virus decryption and removal

ZZZZZ file virus decryption and removal

Although restoring files encrypted by the ZZZZZ ransomware is very problematic due to a complex crypto locking mechanism, some techniques may be of help. What is the .zzzzz file virus? Zzzzz file virus is the newest version of the Locky ransomware that encrypts its victims’ data and appends the .zzzzz extension to the scrambled filenames. […]

Read more →

Posted in: KnowledgeBase

Leave a Comment (0) →

Beware of .svg file virus on Facebook

Beware of .svg file virus on Facebook

SVG stands for “Scalable Vector Graphics”, which is a fairly popular XML-based image format that allows for extensive animation effects. One of the main pros of .svg extension files for graphics designers is that these objects can be handled via commonplace text editors, just like XML text files. The virtues being obvious, cybercriminals have come […]

Read more →

Posted in: KnowledgeBase

Leave a Comment (0) →

Aesir file virus: remove ransomware and decrypt .aesir extension files

Aesir file virus: remove ransomware and decrypt .aesir extension files

A new variant of the Locky ransomware appears to be in rotation right now. As opposed to its precursor dubbed Thor, this spinoff appends the .aesir extension to one’s encrypted files. Furthermore, the infection creates an updated set of ransom notes named “([random_number])-INSTRUCTION.html” and ““([random_number])-INSTRUCTION.bmp” to provide victims with a data decryption walkthrough. The threat […]

Read more →

Posted in: KnowledgeBase

Leave a Comment (0) →

CrySiS ransomware decryptor: decrypt .xtbl and .crysis files

CrySiS ransomware decryptor: decrypt .xtbl and .crysis files

Ransomware operators appear to be realizing the risk of being exposed and prosecuted. This pressure is being heated up by the fairly successful activity of Chainalysis, a relatively new startup aimed at tracking Bitcoin transactions. This initiative may lead to effective attribution of ransomware attacks through chasing the cryptocurrency paid by victims. The breaking news […]

Read more →

Posted in: News

Leave a Comment (0) →

iTunes Store receipt email scam

iTunes Store receipt email scam

There is an uptick in the volume of phishing emails allegedly sent on behalf of Apple’s iTunes Store. The threat actors attempt to wheedle personally identifiable information out of recipients by urging them to click on an embedded rogue link. The persuasion effect is attained through a notification about a nonexistent order that the user […]

Read more →

Posted in: KnowledgeBase

Leave a Comment (0) →
Page 1 of 22 12345...»