The Dark Angels ransomware has been active since May 2022, all indications are that it belongs to the Babuk ransomware family. As usual ransomware groups improve their malware and release new variants frequently. The Dark Angel ransomware is not left out of this move either. We have seen that the ransomware called ELF has appropriated a good technical part of

Uptycs researchers have recently discovered a new ransomware that attacks Linux systems. Its name, ELF ransomware. Ransomware creators usually target Windows operating systems. But this time, technology lovers’ favorite OpenSource system has been exposed to its vulnerability. ELF ransomware, in reference to “Executable and Linkable Format” files, is able to encrypt files within the Linux system based on the folder

Around July of this year, the HavanaCrypt ransomware emerged in the cyber world. It has been carrying out attacks with an interesting twist. HavanaCrypt masquerades as a Google software update to encrypt virtual machines. The ransomware is written in the .NET language and uses an OpenSource obfuscator called Obfuscate to hide feature names used in the ransomware. The group behind

In early July, researchers identified suspicious activity from a previously unknown, or not so unknown, ransomware, the Monti ransomware. You could say it is almost new, as it is quite similar to the famous Conti ransomware. Some say they are “Doppelganger”, which means look-alike. Some time ago the Conti group suffered a break-in and a major data leak, including source

A new ransomware called Daixin has been spotted in activity. There is not much information yet on its technical characteristics, but we already understand the impact Daixin ransomware can have on a company’s operation. Daixin’s first victim was a community hospital in Missouri, USA. Even before the hospital came forward, the Daixin group had already taken credit for the attack.

Nyx ransomware is the newest variant recently discovered by cyber researchers. This new ransomware practices one of the most feared strategies for ransomware attack victims: double extortion. This refers to the fact that they not only encrypt the data, but also steal it. In this way they can exert greater pressure by threatening to disclose the stolen data if there

Ransomware that fits into the Ransomware as a Service (RaaS) system is extremely dangerous. The Arvin Club ransomware is part of this category. RaaS is the strategy for selling the malware, the creators sell their services on DarkWeb for a relatively affordable price. The big danger is that any malicious person, is able to operate a ransomware attack on any

A new ransomware makes its appearance in the cyber world, the Agenda ransomware. Researchers have detected worrying moves on the part of this new group. In a short period of time they have already orchestrated several attacks targeting organizations in Asia and Africa. The Agenda ransomware was developed in the Go programming language. A language widely used by hackers to

The ProLock ransomware follows a specific strategy when choosing its victims. This strategy is called “Big Game Hunting,” referring to the fact that the group only attacks large companies. This way, by having large companies or government networks as targets, the attackers are able to extract large payouts from the victims. By the end of 2019 ProLock was already active,

Gwisin ransomware has been increasing the number of its attacks around the world. Asian countries, such as Korea, have been the target of an unprecedented wave of Gwisin ransomware attacks. Unlike other ransomware, Gwisin chooses and studies its victims very carefully. Each of them unknowingly undergoes a detailed analysis before being attacked. Gwisin ransomware is distributed in MSI installation file