Gwisin ransomware has been increasing the number of its attacks around the world. Asian countries, such as Korea, have been the target of an unprecedented wave of Gwisin ransomware attacks. Unlike other ransomware, Gwisin chooses and studies its victims very carefully. Each of them unknowingly undergoes a detailed analysis before being attacked. Gwisin ransomware is distributed in MSI installation file

The Cheers ransomware, even with only a short time of activity, has amassed several victims around the world, drawing attention. Cheers has focused its efforts on unprotected virtual systems, such as VMware ESXi environments. This is not the first time that VMware servers have been prime targets for ransomware attacks. Groups such as LockBit or HiveLeaks have acted in this

BianLian ransomware is intended to encrypt data and demand a ransom in exchange for the release of the decryption key. Due to the importance of the data, many victims, whether they are businesses or individuals, give in and pay the ransom. Infection with a dangerous virus, such as the BianLian ransomware, can cause severe damage to a computer system and

AiDLocker ransomware has been drawing attention in recent days. The group has been speaking out on forums and social networks such as Telegram, introducing their malware. We can deduce, due to its relationship with other Russian groups, that the AiDLocker ransomware probably originates from Russia. The group has been active in advertising its malware. In the current update, we know

The Ech0raix ransomware has been known since 2019. However, recently the group responsible for the Ech0raix ransomware attacks has updated its malware and has once again fired malicious email campaigns around the world. The group’s attacks are targeted exclusively at QNAP NAS (Network Attached Storage) devices, which has forced the manufacturer QNAP to release problem-solving updates frequently. The Ech0raix ransomware

Fonix ransomware was released in June 2020; however, it did not gain relevance at first. However, in early 2021, the ransomware hit 182 companies, putting the group in the spotlight alongside other extensions such as REvil Sodinokibi and LockBit. It is common for systems to be infected by ransomware through macros, malicious ads and pirated downloads. Fonix propagates itself in

The OldGremlin ransomware started its activities around March 2020. Although apparently Russian-speaking, OldGremlin ransomware primarily targets Russian institutions such as national banks, private companies in the industrial or medical fields. According to Oleg Skulkin, forensic analyst at Group-IB, the perpetrators of these attacks are the only Russian-speaking ransomware operators to violate the dictated rule about not working in Russia and

Ransomware attacks have been on the rise these past few years, and new ransomware often emerges. This July, it was the case with Rever ransomware that has some important characteristics. The main target of Rever ransomware is Synology NAS and Windows Server systems. After breaking in, most often done via unprotected RDP or malicious emails, the attackers encrypt the files