For the most part, this week has been fairly quiet with not a lot of new ransomware released and only a few large-scale ransomware attacks.
Other than that, it has been thankfully pretty quiet.
Contributors and those who provided new ransomware information and stories this week include: @LawrenceAbrams, @jorntvdw, @Seifreed, @Ionut_Ilascu, @VK_Intel, @malwareforme, @PolarToffee, @BleepinComputer, @serghei, @demonslay335, @malwrhunterteam, @struppigel, @FourOctets, @fwosar, @DanielGallagher, @siri_urz, @JAMESWT_MHT, and @fbgwls245.
May 23rd 2020
dnwls0719 found a new variant of the Dharma Ransomware that appends the .payb extension to encrypted files.
May 25th 2020
Michael Gillespie found a new ransomware called Black Claw that appends the .bclaw extension to encrypted files and drops a ransom note named RECOVER YOUR FILES.hta.
May 26th 2020
Starting last year, ransomware operators have escalated their extortion strategies by stealing files from victims before encrypting their data. These stolen files are then used as further leverage to force victims to pay.
A new ransomware threat called [F]Unicorn has been encrypting computers in Italy by tricking victims into downloading a fake contact tracing app that promises to bring real-time updates for COVID-19 infections.
May 27th 2020
Ransomware has become one of the most insidious threats in the past couple of years, with actors scaling up their operations to the point that the average ransom demand increased more than 10 times in one year.
Michael Gillespie discovered a new STOP Ransomware variant that appends the .pezi extension to encrypted files.
May 28th 2020
Michigan State University received a deadline to pay ransomware attackers under the threat that files stolen from the institution’s network will be leaked to the public.
Michael Gillespie found a new ransomware that appends the .banks1 extension and drops a ransom note named ReadMe.txt.
Jack found a new ransomware that I will, uh, let the image for speak for itself:
May 29th 2020
S!Ri found the new Zorab Ransomware that appends the .ZRB extension to encrypted files and drops a ransom note named –DECRYPT–ZORAB.txt.
Jack found a new Jigsaw Ransomware variant appending the .ElvisPresley extension to encrypted files.