The ZEON ransomware is the newest group on the global ransomware scene, the group has made numerous attacks on businesses. ZEON uses AES and RSA encryption, which are extremely effective, the .zeon extension is added to the affected files, for example, the file image1.jpg will become image1.jpg.zeon. Files with this extension can only be opened with the decryption key that

Ransom Cartel has emerged with similarities to the REvil Sodinokibi ransomware, there are certain technical similarities between them, however, it is unclear whether it is really a copy of REvil or a new ransomware simply similar. The files encrypted by Ransom Cartel feature the extension change, ‘.294l0jaf59.‘ is added. The ransom note closely resembles the note from the renowned Revil Sodinokibi.

Magniber ransomware hits computers in a different way than other ransomware that uses spam links, malicious websites, rogue programs and more. Magniber attacks directly through fake Google Chrome and Microsoft Edge updates. Upon entering a website, a pop-up will appear saying that your browser is outdated and giving you the option to click and download the update. After the

DarkRadiation ransomware is focused on attacks against Linux systems, mostly based on Debian distributions. DarkRadiation uses SSH access to move laterally inside the system and be able to deploy the ransomware. It is written in bash script, then they use an open source code called ‘node-bash-obsfucated’, made in Node.js, it messes up the code, making it impossible to read the data. His

White Rabbit ransomware emerged in December 2021, carrying out an attack on a local US bank. Like many ransomware groups, White Rabbit uses double extortion to pressure its victims into paying the ransom. Double extortion consists of blocking access to files through encryption and extracting sensitive company files that will be leaked if the company does not pay the ransom. These tactics aim

QNAP NAS is a device developed by QNAP Systems, which is a Taiwanese corporation specializing in developing network attached storage devices such as NAS. The NAS can be directly connected to the network users, in most cases, a NAS consists of multiple hard drives organized as a RAID system. This type of device is perfect for businesses that have a

DemonWare ransomware has applied an extremely dangerous strategy to businesses, employee grooming. The groups have sent out numerous emails to employees of large companies in order for them to become partners and install the ransomware. While this tactic is very dangerous, because any access that a disgruntled employee provides renders all the protection the company has developed to prevent outside attacks virtually

The QNAPCrypt ransomware is a direct evolution of the eCh0raix ransomware. eCh0raix became known for targeting attacks on QNAP and Synology NAS devices. After numerous successful attacks the group ceased attacks and later appeared as QNAPCrypt. Unlike eCh0raix, QNAPCrypt has focused its attention exclusively on QNAP NAS, as its name already alludes to. For the vast majority of the time

The DeadBolt ransomware has recently emerged and is making numerous attacks, which are targeted at QNAP NAS devices. In its first month, the group has made attacks on at least 15 companies. DeadBolt is yet another ransomware group that primarily targets QNAP NAS devices. QNAP itself issued a warning about the DeadBolt ransomware attacks, instructing its customers not to connect

Zenzno has carried out numerous attacks, the main means he uses to infect the victim’s system are fake software, software crack tools, spam emails and Trojan horses. The files attached in the spam emails sent by the group look regular, most use extensions such as Word, Excel, .ZIP, .RAR, .RUN, .EXE, PDF, the most common ones so as not to