Expert Insights

Buran ransomware is yet another group that has applied the RaaS (Ransomware as a Service) tactic, which is nothing more than outsourcing attacks. The groups that apply this tactic present their malware in forums on the Dark Web in search of buyers willing to carry out attacks. RaaS expands the scope of ransomware, increasing the number of attacks exponentially. Even though the

Erebus ransomware uses RSA-2048 encryption to lock the files, it accesses the computer via malicious online advertisements on third-party websites. Usually these ads redirect users to a Rig exploit server, thereby infecting the computer. When the Erebus ransomware accesses the device and encrypts the stored files, it is added to all .ecrypt files. After the encryption process is finished two files, one

Surtr ransomware has left a list of successful attacks on companies around the world, the group is in a rapid and coordinated spread, any company can be targeted by Surtr. The main methods used by the group to break into the victim’s system are Trojans, e-mails, files downloaded from untrusted sources, fake software updaters, software cracking tools, and others. These are the

Ransomware attacks have been on the rise around the world, and with that comes a new threat, Alkhal ransomware. It acts like a Trojan horse and is downloaded through files, emails, malicious websites, program downloads, these are just a few ways. Once downloaded the ransomware installs itself on the operating system. Alkhal ransomware can invade a company’s internal network and compromise

The GlobeImposter ransomware was first spotted in January 2017, and runs as a Trojan. It invades the victim’s system through attachments, apps, and websites with malicious links. The Trojan is a Trojan horse that is designed to appear to be a genuine program that is made available on download sites, contained within these programs is ransomware that is installed once

The TellYouThePass ransomware is a Trojan written in the Java and .Net languages, but in more recent attacks the Go language has been used. The common form of invasion used by the group is through email attachments, usually as Microsoft Word files. After the file is downloaded, the ransomware is installed and preparations for encryption are initiated. All programs that could