The Week in Ransomware – May 10th 2024 – Chipping away at LockBit
After many months of taunting law enforcement and offering a million-dollar reward to anyone who could reveal his identity, the FBI…
SEXi Ransomware Desires VMware Hypervisors in Ongoing Campaign
A Babuk variant has been involved in at least four attacks on VMware EXSi servers in the last six weeks,…
The Week in Ransomware – January 12th 2024 – Targeting homeowners’ data
Mortgage lenders and related companies are becoming popular targets of ransomware gangs, with four companies in this sector recently attacked.…
Fire Sale: Zeppelin Ransomware Source Code Sells for $500 on Dark Web
The buyer could use the code to restart the up to now all-but-defunct Zeppelin ransomware-as-a-service operation.
The Week in Ransomware – May 26th 2023 – Cities Under Attack
Ransomware gangs continue to hammer local governments in attacks, taking down IT systems and disrupting cities' online services. [...]
Russian Hacker “Wazawaka” Indicted for Ransomware
A Russian man identified by KrebsOnSecurity in January 2022 as a prolific and vocal member of several top ransomware groups…
Russian ransomware affiliate charged with attacks on critical infrastructure
The U.S. Justice Department has filed charges against a Russian citizen named Mikhail Pavlovich Matveev (also known as Wazawaka or…
The Week in Ransomware – May 12th 2023 – New Gangs Emerge
This week we have multiple reports of new ransomware families targeting the enterprise, named Cactus and Akira, both increasingly active…
Babuk code used by 9 ransomware gangs to encrypt VMWare ESXi servers
An increasing number of ransomware operations are adopting the leaked Babuk ransomware source code to create Linux encryptors targeting VMware…
Linux version of RTM Locker ransomware targets VMware ESXi servers
RTM Locker is the latest enterprise-targeting ransomware operation found to be deploying a Linux encryptor that targets virtual machines on…