The ZEON ransomware is the newest group on the worldwide ransomware scene, the group has made numerous attacks on businesses. ZEON uses AES and RSA encryption, which are extremely effective, the .zeon extension is added to the affected files, for example the file image1.jpg will become image1.jpg.zeon. Files with this extension can only be opened with the decryption key that

The Ransom Cartel has emerged with similarities to the REvil Sodinokibi ransomware, there are certain technical similarities between them, however, it is unclear whether it is really a copy of REvil or a new ransomware that is simply similar. The files encrypted by Ransom Cartel feature the extension change, ‘.294l0jaf59.‘ is added. The ransom note closely resembles the note from the

Magniber ransomware hits computers in a different way than other ransomware that uses spam links, malicious websites, rogue programs, and more. Magniber attacks directly through fake Google Chrome and Microsoft Edge updates.s. Upon entering a website, a pop-up will appear telling you that your browser is out of date, and giving you the option to click and download the update.

The DarkRadiation ransomware is focused on attacks against Linux systems, mostly based on Debian distributions. DarkRadiation uses SSH access to move laterally inside the system and be able to deploy the ransomware. It is written in bash script, then they use an open source code called ‘node-bash-obsfucated’, made in Node.js, it messes up the code, making it impossible to read the data.

White Rabbit ransomware emerged in December 2021, carrying out an attack on a local bank in the United States. Like many ransomware groups, White Rabbit uses double extortion to pressure its victims into paying the ransom. Double extortion consists of blocking access to files through encryption and extracting sensitive company files that will be leaked if the company does not pay the

QNAP NAS is a device developed by QNAP Systems, which is a Taiwanese corporation specializing in developing network attached storage devices such as NAS. NAS can be directly connected to network users, in most cases a NAS consists of several hard drives organized as a RAID system. This type of device is perfect for businesses that have a high data

The DemonWare ransomware has applied an extremely dangerous strategy for businesses, employee grooming. The groups have sent numerous emails to employees of large companies in order for them to become partners and install the ransomware. While this tactic is very dangerous, since any access that a disgruntled employee provides renders all the protection that the company has developed to prevent attacks from

The QNAPCrypt ransomware is a direct evolution of the eCh0raix ransomware. eCh0raix was known for making targeted attacks on QNAP and Synology NAS devices. After numerous successful attacks the group ceased attacks and later appeared as QNAPCrypt. Unlike eCh0raix, QNAPCrypt has focused its attention exclusively on QNAP NAS, as its name already alludes to. For the vast majority of the

The DeadBolt ransomware has recently emerged and is making numerous attacks, which are targeted at QNAP NAS devices. In its first month, the group has made attacks on at least 15 companies. DeadBolt is yet another ransomware group that primarily targets QNAP NAS devices. QNAP itself issued a warning about the DeadBolt ransomware attacks, instructing its customers not to connect