Soft2Secure

Author Archive

Avalanche cybercrime ring leader flees after court

Avalanche cybercrime ring leader flees after court

Several days ago, we did a write-up on the international law enforcement effort against a huge online crime network dubbed Avalanche. As a result of this successful global operation, the IT infrastructure of the malware delivery platform in question was shut down. The police were able to seize a total of 39 servers, block at […]

Read more →

Posted in: News

Leave a Comment (0) →

Osiris ransomware: decrypt and remove .osiris file virus

Osiris ransomware: decrypt and remove .osiris file virus

The Locky ransomware family continues to spawn new mutated extortion programs. Its developers are evidently experimenting with payload delivery and data crippling practices. This time, the perpetrators have created another spinoff of their nefarious prototype that adds the .osiris extension to encrypted files and drops the OSIRIS-[victim_ID].htm ransom note. What is the Osiris ransomware? In […]

Read more →

Posted in: KnowledgeBase

Leave a Comment (0) →

The Avalanche malware deployment platform taken down

The Avalanche malware deployment platform taken down

Autumn 2016 didn’t end well for the international organized cybercrime. The U.S. Department of Justice, the FBI, Europol, Eurojust and Ukraine’s Department of Cyber Police, in collaboration with law enforcement agencies, prosecutors and investigators from 30 countries, zeroed in on a far-flung malware delivery network dubbed “Avalanche”. This well-orchestrated global operation with headquarters in The […]

Read more →

Posted in: News

Leave a Comment (0) →

San Francisco MUNI hacker hacked

San Francisco MUNI hacker hacked

Most ransomware deployers manage to stay unidentified because they exercise good OPSEC backed by The Onion Router and Bitcoin. The case of the cybercrook who compromised the computer network of the San Francisco Municipal Transportation Agency (Muni) last Friday turned out to be the exception rather than the rule. According to Brian Krebs, a well-known […]

Read more →

Posted in: News

Leave a Comment (0) →

.wallet file: no ransom to amagnus@india.com, stopper@india.com, lavandos@pr.com

.wallet file: no ransom to amagnus@india.com, stopper@india.com, lavandos@pr.com

A new ransomware plague is roving the Internet in search of victims. Its distinctive feature is the .wallet extension being appended to all personal files stored on a PC and network drives. The extension will also contain the attackers’ email address, which may be amagnus@india.com, stopper@india.com, or lavandos@pr.com. Researchers have denominated this strain the Dharma […]

Read more →

Posted in: KnowledgeBase

Leave a Comment (0) →

San Francisco MUNI hacked with ransomware

San Francisco MUNI hacked with ransomware

The IT infrastructure of the San Francisco Municipal Transit Agency (SFMTA), also referred to as Muni, has been suffering a deep ransomware impact since last weekend. The perpetrating program called HDDCryptor, also known as Mamba, hit more than 2,000 machines on Muni’s network. The collateral damage is that the infection disabled the agency’s digital fare […]

Read more →

Posted in: News

Leave a Comment (0) →

Cryptom27@yandex.com virus: HDDCryptor ransomware decryption and removal

Cryptom27@yandex.com virus: HDDCryptor ransomware decryption and removal

What can possibly be a more harmful computer threat than file-encrypting ransomware? The only infection that beats this malware category in terms of the damage is the perpetrating code that affects Master Boot Record of a targeted machine. HDDCryptor, aka Mamba ransomware, completely denies access to a compromised operating system, encodes important files and instructs […]

Read more →

Posted in: KnowledgeBase

Leave a Comment (0) →

ZZZZZ file virus decryption and removal

ZZZZZ file virus decryption and removal

Although restoring files encrypted by the ZZZZZ ransomware is very problematic due to a complex crypto locking mechanism, some techniques may be of help. What is the .zzzzz file virus? Zzzzz file virus is the newest version of the Locky ransomware that encrypts its victims’ data and appends the .zzzzz extension to the scrambled filenames. […]

Read more →

Posted in: KnowledgeBase

Leave a Comment (0) →

Beware of .svg file virus on Facebook

Beware of .svg file virus on Facebook

SVG stands for “Scalable Vector Graphics”, which is a fairly popular XML-based image format that allows for extensive animation effects. One of the main pros of .svg extension files for graphics designers is that these objects can be handled via commonplace text editors, just like XML text files. The virtues being obvious, cybercriminals have come […]

Read more →

Posted in: KnowledgeBase

Leave a Comment (0) →

Aesir file virus: remove ransomware and decrypt .aesir extension files

Aesir file virus: remove ransomware and decrypt .aesir extension files

A new variant of the Locky ransomware appears to be in rotation right now. As opposed to its precursor dubbed Thor, this spinoff appends the .aesir extension to one’s encrypted files. Furthermore, the infection creates an updated set of ransom notes named “([random_number])-INSTRUCTION.html” and ““([random_number])-INSTRUCTION.bmp” to provide victims with a data decryption walkthrough. The threat […]

Read more →

Posted in: KnowledgeBase

Leave a Comment (0) →
Page 3 of 24 12345...»