Magniber ransomware hits computers in a different way than other ransomware that uses spam links, malicious websites, rogue programs and more. Magniber attacks directly through fake Google Chrome and Microsoft Edge updates. Upon entering a website, a pop-up will appear saying that your browser is outdated and giving you the option to click and download the update. After the

DarkRadiation ransomware is focused on attacks against Linux systems, mostly based on Debian distributions. DarkRadiation uses SSH access to move laterally inside the system and be able to deploy the ransomware. It is written in bash script, then they use an open source code called ‘node-bash-obsfucated’, made in Node.js, it messes up the code, making it impossible to read the data. His

White Rabbit ransomware emerged in December 2021, carrying out an attack on a local US bank. Like many ransomware groups, White Rabbit uses double extortion to pressure its victims into paying the ransom. Double extortion consists of blocking access to files through encryption and extracting sensitive company files that will be leaked if the company does not pay the ransom. These tactics aim

QNAP NAS is a device developed by QNAP Systems, which is a Taiwanese corporation specializing in developing network attached storage devices such as NAS. The NAS can be directly connected to the network users, in most cases, a NAS consists of multiple hard drives organized as a RAID system. This type of device is perfect for businesses that have a

DemonWare ransomware has applied an extremely dangerous strategy to businesses, employee grooming. The groups have sent out numerous emails to employees of large companies in order for them to become partners and install the ransomware. While this tactic is very dangerous, because any access that a disgruntled employee provides renders all the protection the company has developed to prevent outside attacks virtually

The QNAPCrypt ransomware is a direct evolution of the eCh0raix ransomware. eCh0raix became known for targeting attacks on QNAP and Synology NAS devices. After numerous successful attacks the group ceased attacks and later appeared as QNAPCrypt. Unlike eCh0raix, QNAPCrypt has focused its attention exclusively on QNAP NAS, as its name already alludes to. For the vast majority of the time

The DeadBolt ransomware has recently emerged and is making numerous attacks, which are targeted at QNAP NAS devices. In its first month, the group has made attacks on at least 15 companies. DeadBolt is yet another ransomware group that primarily targets QNAP NAS devices. QNAP itself issued a warning about the DeadBolt ransomware attacks, instructing its customers not to connect

Zenzno has carried out numerous attacks, the main means he uses to infect the victim’s system are fake software, software crack tools, spam emails and Trojan horses. The files attached in the spam emails sent by the group look regular, most use extensions such as Word, Excel, .ZIP, .RAR, .RUN, .EXE, PDF, the most common ones so as not to

Buran ransomware is yet another group that has applied RaaS (Ransomware as a Service) tactics, which is nothing more than outsourcing attacks. The groups that apply this tactic present their malware in forums on the Dark Web in search of buyers willing to make attacks. Buran ransomware is yet another group that has applied RaaS (Ransomware as a Service) tactics, which is

Erebus ransomware uses RSA-2048 encryption to lock files, it accesses the computer via malicious online advertisements on third-party websites. Usually, these ads redirect users to a Rig exploit server, thereby infecting the computer. When Erebus ransomware accesses the device and encrypts the stored files, it is added to all .ecrypt files. After the encryption process is completed, two files, one HTML and