Results for cryptoware

Threat Research

Ransomware – From Fins to Wings

The FBI recently published a report claiming that ransomware victims paid out over US$209 million just in the first quarter of 2016, compared to US$24 million for all of 2015. Ransomware has very quickly become the most fashionable malware on the market, flooding the threat landscape in ways never seen before. We are seeing new strains of ransomware almost every single day. What is Ransomware? Ransomware is malware that locks access or functionality on your computer and then demands payment in exchange for restoring normal operations...

By David Maciejak, June 24, 2016

Threat Research

Dogspectus Ransomware Analysis

On April 25, 2016, Blue Coat published an article on a new Android Ransomware, called “Dogspectus.” On May 12, 2016, Dell SonicWALL published a separate report on the Android Lockscreen malware campaign with similar characteristics to Dogspectus. These similarities are not a coincidence. We began our own extensive investigation into this ransomware some time ago, and will share additional technical details of this malware here that have not been previously discussed. Technical Details The main Android Application Package (APK) of...

By Homing Tay, May 19, 2016

Threat Research

The Arms Race against Ransomware Threats

Back when I was in college, I remember one day our class asked our programming professor, “how do we create a virus?” Understandably, our professor refused to answer the question. However, after some persuading, he eventually agreed to give us one example. It looked like this: del C:\\*.* Suddenly, the class was enlightened. More than that, I was personally astounded. How could a single line of code do so much damage?? Fast forward to today, and I am still astounded, perhaps for a slightly different reason. I came to realize...

By Roland Dela Paz, April 12, 2016

Threat Research

KimcilWare Ransomware: How to Decrypt Encrypted Files and who is Behind It

A new ransomware targeting Magento websites was recently discovered by the Malware Hunter Team and Lawrence Abrams. This post intends to share additional findings of the FortiGuard Lion Team, specifically on three areas: 1) KimcilWare’s backdoor capabilities; 2) how we can decrypt files encrypted by KimcilWare; and 3) the hacker group who may be behind it. KimcilWare Backdoor Aside from encrypting files, KimcilWare is capable of opening a backdoor as well as uploading files to affected sites. The following KimcilWare code snippet shows...