TeslaCrypt ransomware shuts up shop and releases free decryption key for everyone

Ransomware is not exactly a new problem, but it's one that seems to be getting increasingly serious. Every week there's a new high profile attack out there including the likes of CryptXXX and PETYA. One of the biggest names, TeslaCrypt, has suddenly thrown in the towel and offered up a free decryption key for its victims.

The surprise move comes just a couple of months after version 4 of TeslaCrypt gained what was described as "unbreakable encryption". The closure is somewhat bittersweet. The shutdown comes as attackers switch to using CryptXXX instead, but perhaps the most surprising aspect is the fact that the site formerly used to accept Bitcoin ransom payments is now where you'll find the decryption key needed to gain access to your files.

Emsisoft launches ransomware decrypter page

If your files have been scrambled by malware then a decrypter may be able to save the day -- but you’ll need to find it, first. Emsisoft has announced its own Decrypter page, a single source where you’re able to browse and download any of the company’s 14 free decrypters.

The page provides clues to help you find out exactly which type of ransomware might have infected your PC.

What's the most popular ransomware?

Ransomware is something like the digital version of Kanye West -- everyone hates it, but its popularity just keeps on growing. And it takes your money for things you really don’t want to buy.

The news about the rising popularity of ransomware was confirmed by security firm Kaspersky Lab, which released its quarterly report into the state of malware.

The ransomware problem just keeps getting worse and worse

If it feels as though you've heard an awful lot about ransomware recently, that's because you have. It's a problem that just seems to be getting worse, and ESG -- the security outfit behind anti-malware program SpyHunter -- has released figures that show April was the worst month ever recorded for ransomware in the US.

The rate of infection rocketed last month, with the numbers more than doubling when compared to March. While there have been a few high-profile cases of large businesses getting hit with ransomware, increasing numbers of ordinary people are also falling victim.

85 percent of people won't pay ransoms to recover data

As we've seen in recent reports, ransomware is an increasingly big problem. But how much do people know about it and methods to protect themselves?

Security researchers at ESET surveyed over 3,000 people across the US and Canada to gauge their understanding of ransomware and unearthed some interesting findings.

Remove CryptXXX ransomware with Kaspersky's free decryption tool

Security firm Kaspersky has released a tool that can be used to decrypt files on computers hit by the CryptXXX ransomware. Rather than paying the ransom demanded to regain access to files, victims are now able to turn to the free RannohDecryptor utility.

CryptXXX had been identified by ProofPoint earlier in the month and described as being closely linked to the Reveton ransomware operation and Angler/Bedep. The ransom of $500 is considered to be quite high, but Kaspersky's free decryption tool means that files can be retrieved without having to part with a cent.

How firms can fight back against ransomware attacks

There is no denying that ransomware attacks are a very real threat for businesses. Given the ever-growing value of data and the importance of business continuity, organizations that have fallen victim to such attacks either face a period of downtime or they pay out in order to retrieve their data to resume business as normal.

Headline-grabbing examples, such as those affecting the Hollywood Presbyterian Medical Center, or Lincolnshire County Council, are no doubt only the tip of the iceberg. How many others are giving in to ransomware demands without revealing they ever had a problem in the first place?

Keygen alert: free password generator released for PETYA ransomware

The PETYA ransomware is just one of the recent examples of malware that encrypts victims' hard drives until a fee is paid. The advice from the government is not to pay the ransom -- or at least not expect to get a decryption key if you do -- but a password generator has been created that means you can decrypt your hard drive for free.

While TeslaCrypt 4 boasts 'unbreakable encryption', the same cannot be said of PETYA, although the PETYA ransomware does have the irritating habit of overwriting MBRs. This does mean that there is no way to interact with the drive on the infected computer, but with access to a spare machine to read the drive and access to the online tool created by Leostone, you could have your data back in seconds. As the tool's website proudly proclaims, you can "Get your petya encrypted disk back, WITHOUT paying ransom!!!" -- here's what you need to do.

Maktub ransomware phishing scam knows your home address and uses it as leverage

Ransomware is one of the most prevalent security threats at the moment, and each week there are new examples that up the ante a little more. In recent months we have seen cross-platform ransomware, Tesla 4's unbreakable encryption, and the MBR-overwriting antics of PETYA, but a new phishing scam takes another approach.

In a cleverly orchestrated campaign, a phishing scam is doing the rounds whereby malware meets social engineering in a bid to extract cash from victims. It marries together the file-encrypting Maktub ransomware with a thinly-veiled threat -- home addresses. Quoting victims' home addresses to them serves two purposes: it adds a level of authenticity to the phishing email, but also acts as additional leverage by upping the fear level.

The threat of ransomware is so great, the US and Canada issue joint security alert

Malware is far from being a new problem, but the inexorable rise of ransomware has taken many by surprise. There have been a number of very high profile instances of ransomware such as PETYA, and the threat is perceived as being so high that the US and Canada have taken the unusual step of issuing a joint security alert.

The likes of TeslaCrypt 4 feature 'unbreakable encryption' and use scare-tactics to encourage victims to part with their money. This is what has prompted the joint alert from the US Department of Homeland Security and the Canadian Cyber Incident Response Centre which warns about "destructive ransomware variants such as Locky and Samas". Interestingly, the advisory actively discourages victims from bowing to ransom demands.

FBI issues warning over MSIL/Samas ransomware

The FBI has begun seeking the assistance of companies in the US to streamline its investigation on an increasing ransomware threat in the country.

The FBI is looking into a strain of ransomware called MSIL/Samas, which has been encrypting data across entire networks rather than single computers, Reuters reports. The ransomware infects machines before encrypting data and asking for money in return for access.

How to mitigate ransomware risks

Ransomware has already caused businesses real trouble this year and recently, security firms have warned about a sudden surge in junk mail messages containing this kind of malware. It seems that organized criminals are now increasingly targeting businesses, which can offer them bigger returns than going after individuals.

The first wave of ransomware started in 2005 and was called Trojan.Gpcoder. Now the security industry (and many unfortunate users) are discovering new variants almost every day. For example, a strain called Locky, discovered only two weeks ago, is now the second most prevalent form. Currently, it asks for three Bitcoins (about £885) as payment for the decryption key.

A closer look at Bitdefender's new free ransomware security tool

Bitdefender Labs has released BDAntiRansomware, a free tool which keeps your PC safe from some of the most common ransomware threats.

The program "protects against known and possible future versions of the CTB-Locker, Locky and TeslaCrypt crypto ransomware families", the company explains.

Bitdefender's new tool protects against ransomware

Ransomware is the malware du jour, and each strain seems more vicious than the last. As with any virus variant, there is a game of cat and mouse played out between virus writers and security companies as each battles to outwit the other.

Trying to get ahead of the curve, Bitdefender has released a tool that offers protection against the likes of CTB-Locker, Locky and TeslaCrypt. When it comes to dealing with ransomware the advice, unfortunately, has become a case of either pay up, or revert to data backups. Alternatively, you could try prevention rather than cure, and Bitdefender's 'crypto-ransomware vaccine' could be what you've been looking for.

PETYA ransomware targets enterprise users via the cloud and overwrites MBRs

Crypto-ransomware is the malware du jour, and the likes of TeslaCrypt 4 and KeRanger are just some of the names to hit the headlines recently. One of the latest examples of ransomware, PETYA, is taking a slightly different and more worrying approach -- it not only targets enterprise users, but also encrypts entire hard drives rather than just a selection of files.

PETYA -- also known as RANSOM_PETYA.A -- goes to some lengths to make sure that victims know that their computers are infected, overwriting the MBR (Master Boot Record) to display a ransom note during the boot process. The malware uses a "military grade encryption algorithm" to lock users out of their files, and victims are directed to venture onto the dark web using the Tor browser to make a Bitcoin ransom payment.
