The DeadBolt ransomware has recently emerged and is making numerous attacks, which are targeted at QNAP NAS devices. In its first month, the group has made attacks on at least 15 companies. DeadBolt is yet another ransomware group that primarily targets QNAP NAS devices. QNAP itself issued a warning about the DeadBolt ransomware attacks, instructing its customers not to connect

Zenzno has carried out numerous attacks, the main means he uses to infect the victim’s system are fake software, software crack tools, spam emails and Trojan horses. The files attached in the spam emails sent by the group look regular, most use extensions such as Word, Excel, .ZIP, .RAR, .RUN, .EXE, PDF, the most common ones so as not to

Buran ransomware is yet another group that has applied RaaS (Ransomware as a Service) tactics, which is nothing more than outsourcing attacks. The groups that apply this tactic present their malware in forums on the Dark Web in search of buyers willing to make attacks. Buran ransomware is yet another group that has applied RaaS (Ransomware as a Service) tactics, which is

Erebus ransomware uses RSA-2048 encryption to lock files, it accesses the computer via malicious online advertisements on third-party websites. Usually, these ads redirect users to a Rig exploit server, thereby infecting the computer. When Erebus ransomware accesses the device and encrypts the stored files, it is added to all .ecrypt files. After the encryption process is completed, two files, one HTML and

Surtr ransomware has left a list of successful attacks on companies around the world, the group is in a rapid and coordinated spread, any company can be targeted by Surtr. The main methods used by the group to break into a victim’s system are Trojans, emails, files downloaded from untrusted sources, fake software updaters, software cracking tools, and more. These are

Digital Recovery specialises in the recovery of files encrypted by ransomware. Get in touch and start recovery now. It acts like a Trojan horse, it is downloaded through files, emails, malicious websites, program downloads, these are just a few ways. After being downloaded the ransomware installs itself on the operating system. Alkhal ransomware can invade the internal network of a company

GlobeImposter ransomware was first spotted in January 2017, and runs as a Trojan. It invades the victim’s system through attachments, apps and websites with malicious links. The Trojan is a Trojan horse that is designed to appear to be a genuine program that is made available on download sites, in that program is contained the ransomware that is installed once

The TellYouThePass ransomware is a Trojan written in the Java and .Net languages, but in more recent attacks the Go language has been used. The common form of invasion used by the group is through email attachments, usually as Microsoft Word files. After the file is downloaded, the ransomware is installed and preparations for encryption are initiated. All programs that could prevent

The BitLocker ransomware has exploited known vulnerabilities in Microsoft Exchanges, these vulnerabilities became known as ProxyShell, this name was given to the combination of three vulnerabilities: CVE-2021-34473, CVE-2021-34523 and CVE-2021-31207. BitLocker different from other groups uses a tool of Windows itself to encrypt the files, tool that gives the group its name. This encryption tactic requires a little more from

QuickBooks is an accounting software, developed by the company Intuit. The software is intended for small and medium sized companies.