Ransomware

Remove Toec Virus Ransomware (+File Recovery)

About Toec: Toec is classified by our antivirus team as a member of the DJVU cryptoware family. Other variants of this family are Meka, Nakw, Derp, and some others. Certain protection programs miss it and therefore permit its intrusion. We call it that because of the “.toec” extension that it appends at the end of …

Ransomware attacked two Spanish companies: the local Internet is in a panic, as in the WannaCry days

Ransomware recently attacked two large Spanish companies. Both infections occurred on the same day, causing a short-term panic in the Spanish Internet segment due to memories of the WannaCry epidemic two years ago. In Spain, one of the first WannaCry ransomware infections was discovered on May 12, 2017. Back then, the attack hit the Spanish newspaper El Mundo and Internet service …

Remove Meka Virus Ransomware (+File Recovery)

About Meka: Meka is classified by our antivirus team as a member of the DJVU virus genus. Other variants of this family are Nakw, Derp, Coot, and some others. Certain protection programs skip it and therefore allow its intrusion. We call it that because of the “.meka” extension that it attaches at the end of …

Remove Nakw Virus Ransomware (+File Recovery)

About Nakw: Nakw is classified by our malware research team as a member of the DJVU cryptoware family. Other variants of this family are Derp, Coot, Nols, and some others. Certain antiviruses miss it and therefore permit its invasion. We call it that because of the “.nakw” extension that it adds at the end of …

Remove Derp Virus Ransomware (+File Recovery)

About Derp: Derp is classified by our virus analyst team as a member of the DJVU cryptoware genus. Other variants of this family are Coot, Nols, Werd, and some others. Certain antiviruses miss it and therefore permit its intrusion. We call it that because of the “.derp” extension that it attaches at the end of …

Remove Coot Virus Ransomware (+File Recovery)

About Coot: Coot is classified by our virus analyst team as a member of the DJVU virus family. Other variants of this family are Nols, Werd, Leto, and some others. Certain protection programs miss it and therefore allow its invasion. We call it that because of the “.coot” extension that it adds at the end …

Remove Nols Virus Ransomware (+File Recovery)

About Nols: Nols is classified by our virus analyst team as a member of the DJVU ransomware family. Other variants of this family are Werd, Leto, Bora, and some others. Certain protection programs miss it and therefore allow its invasion. We call it that because of the “.nols” extension that it adds at the end …

Remove Leto Virus Ransomware (+File Recovery)

About Leto: Leto is classified by our virus analyst team as a DJVU cryptoware infection. Other variants of this family are Bora, Reco, Xoza, and some others. Certain scanners skip it and therefore allow its intrusion. We call it that because of the “.leto” extension that it attaches at the end of …

Attackers exploited a 0-day iTunes vulnerability to spread ransomware

Morphisec specialists found that BitPaymer ransomware operators use a 0-day vulnerability in iTunes for Windows to distribute their malware, which allows them to trick anti-virus solutions on infected hosts. The problem was discovered after studying an attack on an unnamed automobile industry enterprise that suffered from BitPaymer in August this year. “We have identified the abuse of an Apple zero-day …

Remove Bora Virus Ransomware (+File Recovery)

About Bora: Bora is classified by our malware research team as a DJVU cryptoware infection. Other variants of this family are Reco, Xoza, Mike, and some others. Certain scanners ignore it and therefore permit its intrusion. We call it that because of the “.bora” extension that it adds at the end of …

Remove Reco Virus Ransomware (+File Recovery)

About Reco: Reco is classified by our malware research team as a DJVU ransomware infection. Other variants of this family are Xoza, Mike, Noos, and some others. Certain protection programs ignore it and therefore permit its intrusion. We call it that because of the “.reco” extension that it adds at the …

Remove Xoza Virus Ransomware (+File Recovery)

About Xoza: Xoza is classified by our antivirus team as a member of the DJVU virus family. Other variants of this family are Mike, Noos, Kuub, and some others. Certain scanners ignore it and therefore permit its intrusion. We call it that because of the “.xoza” extension that it adds at the end of …

Remove Mike Virus Ransomware (+File Recovery)

About Mike: Mike is classified by our virus analyst team as a DJVU virus infection. Other variants of this family are Noos, Kuub, Boot, and some others. Certain protection programs miss it and therefore permit its intrusion. We call it that because of the “.mike” extension that it adds at the …

Remove Noos Virus Ransomware (+File Recovery)

About Noos: Noos is classified by our virus analyst team as a member of the DJVU virus family. Other variants of this family are Kuub, Boot, Nesa, and some others. Certain protection programs ignore it and therefore permit its invasion. We call it that because of the “.noos” extension that it adds at the end …

Remove Kuub Virus Ransomware (+File Recovery)

About Kuub: Kuub is classified by our malware research team as a member of the DJVU cryptoware genus. Other variants of this family are Boot, Nesa, Karl, and some others. Certain antiviruses skip it and therefore allow its invasion. We call it that because of the “.kuub” extension that it attaches at the end of …

Remove Boot Virus Ransomware (+File Recovery)

About Boot: Boot is classified by our antivirus team as a DJVU cryptoware infection. Other variants of this family are Nesa, Karl, Domm, and some others. Certain protection programs ignore it and therefore allow its intrusion. We call it that because of the “.boot” extension that it adds at the end of …

Researchers found a link between Sodinokibi and GandCrab ransomware

A new campaign uses the REvil ransomware (also known as Sodinokibi), which is linked to and has similarities with the GandCrab malware. According to researchers from the Secureworks Counter Threat Unit team, both malware families may be the work of the same author. “Analysis suggests that REvil is likely associated with the GandCrab ransomware due to similar code and the emergence of REvil as …

Remove Nesa Virus Ransomware (+File Recovery)

About Nesa: Nesa is classified by our virus analyst team as a DJVU cryptoware infection. Other variants of this family are Karl, Domm, Domn, and some others. Certain antiviruses skip it and therefore permit its intrusion. We call it that because of the “.nesa” extension that it attaches at the end of …

Users are afraid to talk about “STOP”, one of the most active ransomware families of this year

The Bleeping Computer publication drew attention to the STOP ransomware, which, according to the ID Ransomware service created by the famous information security expert Michael Gillespie, is one of the most active threats this year, along with Ryuk, GandCrab and Sodinokibi. The prevalence of STOP is also confirmed by the extremely active Bleeping Computer forum, where victims seek help. However, …

Remove Karl Virus Ransomware (+File Recovery)

About Karl: Karl is classified by our antivirus team as a member of the DJVU virus genus. Other variants of this family are Domm, Domn, Kvag, and some others. Certain scanners miss it and therefore permit its intrusion. We call it that because of the “.karl” extension that it adds at the end of your …

Remove Domm Virus Ransomware (+File Recovery)

About Domm: Domm is classified by our malware research team as a member of the DJVU ransomware family. Other variants of this family are Domn, Kvag, Meds, and some others. Certain protection programs miss it and therefore allow its intrusion. We call it that because of the “.domm” extension that it appends at the end …

Researchers report growing activity of TFlower, another ransomware that uses RDP

According to Bleeping Computer, the activity of TFlower, a ransomware that uses RDP and is focused on corporate networks, has begun to gain momentum. The malware arrived in late July and is installed on the system after a hacker attack aimed at gaining access to the Remote Desktop service. “With the huge payments being earned by ransomware developers as they target businesses …

Remove Domn Virus Ransomware (+File Recovery)

About Domn: Domn is classified by our malware research team as a member of the DJVU cryptoware genus. Other variants of this family are Kvag, Meds, Moka, and some others. Certain scanners ignore it and therefore allow its intrusion. We call it that because of the “.domn” extension that it appends at the end of …

Nemty ransomware developers continue to improve their malware

Nemty ransomware developers continue to actively work on their malware, developing it in an effort to increase interest in the product on underground forums. The attackers have changed the nature of their actions on the victim’s system. Now the program can not only encrypt files, but also terminate processes and services that interfere with this task. For the first time, …

Remove Kvag Virus Ransomware (+File Recovery)

About Kvag: Kvag is classified by our malware research team as a member of the DJVU ransomware family. Other variants of this family are Meds, Moka, Peta, and some others. Certain antiviruses miss it and therefore allow its intrusion. We call it that because of the “.kvag” extension that it adds at the end of …

Remove Meds Virus Ransomware (+File Recovery)

About Meds: Meds is classified by our virus analyst team as a member of the DJVU virus genus. Other variants of this family are Moka, Peta, Shariz, and some others. Certain antiviruses ignore it and therefore allow its invasion. We call it that because of the “.meds” extension that it appends at the end of …

Remove Moka Virus Ransomware (+File Recovery)

About Moka: Moka is classified by our virus analyst team as a DJVU virus infection. Other variants of this family are Peta, Shariz, Seto, and some others. Certain protection programs miss it and therefore permit its invasion. We call it that because of the “.moka” extension that it adds at the …

Remove Peta Virus Ransomware (+File Recovery)

About Peta: Peta is classified by our virus analyst team as a member of the DJVU ransomware genus. Other variants of this family are Shariz, Seto, Rumba, and some others. Certain protection programs skip it and therefore allow its intrusion. We call it that because of the “.peta” extension that it attaches at the …

Sodinokibi ransomware spreads through fake forums on WordPress sites

Sodinokibi spreads through fake forums. Its operators hack WordPress sites and embed JavaScript code that displays posts from a fake Q&A forum on top of the original site’s content. Messages contain an alleged “response from the administrator” of the site with an active link to the installer of the ransomware program. According to a recent publication in BleepingComputer, attackers hack …
