Results for Joie Salvio

Threat Research

GandCrab V3 Accidentally Locks Systems with New ‘Change Wallpaper’ Feature

GandCrab is one of the most talked about ransomware families this year primarily due to its increasing distribution volume, as we described in our previous article. At the end of last month, FortiGuard Labs discovered a new spam wave from the same campaign delivering the latest version, GandCrab v3.

By Joie SalvioMay 04, 2018

Threat Research

Group Behind VenusLocker Switches From Ransomware to Monero Mining

There is no doubt that cryptocurrency has been on a steady rise. According to a research paper by the University of Cambridge, the market capitalization of cryptocurrency has increased more than three-fold since early last year and it’s not likely to stop there. With more and more people realizing that cryptocurrency is potentially a significantly profitable investment, this rise is likely to continue for the foreseeable future. And where there is profit, that is where malware attacks will gather. Which is why we have been expecting...

By Joie SalvioDecember 20, 2017

Threat Research

A Closer Look at the Mamba Ransomware that Struck San Francisco Rail System

  Recently, the San Francisco Municipal Transportation Agency, also known as MUNI, was attacked by a new variant of Mamba (a.k.a HDDCryptor) – a disk-encypting ransomware. The incident left their ticketing services with inoperational systems and a note that read, “You Hacked,ALL Data Encrypted,Contact For Key(cryptom27@yandex.com)” Fortinet first discovered Mamba two months ago. Since then, it has been under the radar – until this big attack. We will now take a look at a few irregularities and some new developments...

By Joie SalvioDecember 05, 2016

Threat Research

OffensiveWare: A New Malware-as-a-Service Platform Takes a Fitting Label

In recent years, with the active efforts of law enforcements to takedown infamous Trojan spywares such as Dridex and GameOver Zeus, one could claim that their status as a predominant threat has died down and given way to ransom malware. But this has not not stopped small groups of individuals from trying to keep this lineage of malware alive. The increasing popularity of Malware-as-a-Service (MaaS) platforms has provided a new way for criminals to keep themselves on the malware profit chain by enticing a wider audience with their malicious...

By Joie SalvioOctober 11, 2016

Threat Research

Dissecting Mamba, the Disk-Encrypting Ransomware

  Another new ransomware has joined the file-encrypting bandwagon. Only this time, instead of choosing what types of files to encrypt, it has decided to join the league of a few others and encrypt the entire disk directly using an open-source tool called DiskCryptor. This is not the first time that disk-encrypting ransomware has hit the spotlight. Earlier this year, Petya ransomware wreaked havoc by encrypting disks through the master file table (MFT), denying access to user files. Unlike that former attack, however, this new ransomware...

By Joie SalvioSeptember 27, 2016