Lilith ransomware was discovered in June and has been carrying out attacks on businesses using double extortion. When the ransomware is executed the encryption code begins infecting files, adding the “.lilith” extension, and data is stolen and locked. Lilith targets machines using 64-bit versions of Windows. A file with the ransom note is left by the group on the victim’s
0mega is a new ransomware extension released in May 2022. The group uses double extortion strategies, just like LockBit and other hacker families. The double extortion adopted by the ransomware variants, consists of in addition to charging a fee to recover the encrypted files, the groups threaten to expose the victim’s data if the negotiation does not take place. The
The Red Alert ransomware was taken public on July 5, 2022 via twitter by MalwareHunterTeam. According to the ransomware’s own website, as of this date, Red Alert had only a single company on its victim list. The group behind the attacks has used two appellations in its operations, Red Alert in its attacks and in its ransom notes, but also
The RansomHouse ransomware claimed its first victim in December 2021, according to the group’s own website, a site that is designed for the extortion of its victims. The criminals have been adding new companies to their list of attacks, frequently. Even if the beginning of RansomHouse is not entirely clear, the organisation has not evolved as a completely autonomous group,
Yanlouwang Ransomware is malware that is in development, yet it is already causing concern for businesses. The group was discovered in August 2021 in one of its attacks. Yanlouwang is a name of a Chinese entity, known as the god of the underworld, Yanluo Wang. Despite the name being derived from an Asian culture, there is no information on the
The MedusaLocker ransomware targets its attacks on small and medium-sized businesses. The group was first spotted in September 2019, being noticed by MalwareHunterTeam. The ransomware invades the system from macros, malicious ads and torrent sites. After execution, Medusa begins to encrypt files by adding extensions making it impossible to access the information. It is advisable that in cases of
The LockBit 3.0 ransomware is an update of its original version. And despite its recent release, it has already been drawing attention with new bug bounty systems and company exposure. With the fall and deactivation of other ransomware groups, Cyberthint reported that LockBit has been gaining prominence, being responsible for more than 60 attacks, representing 32% of the invasions in
The Xinglocker ransomware has been carrying out attacks since it first appeared around May 2021. It targets companies that use the Windows operating system. After finding some access to the victim’s system, either through email campaigns, malicious links or human inadvertence, the malware starts acting on the data. After encryption, Xinglocker generates a text file “READ_ME.txt”. In it, there is
The HelloKitty ransomware, also known as FiveHands, has become quite relevant, to the point of drawing the attention of CISA and the FBI. The group was first spotted in December 2020 and remains active to this day. Their biggest publicised attack was on CD Projekt Red, an electronic game company known for “The Witcher” franchise. HelloKitty uses the Ransomware as
According to the data, the first appearance of the Darkside Ransomware happened around August 2020. Since then, the group behind the Darkside attacks has been targeting companies in all industries around the world. The vision of Ransomware as a Service (RaaS) is becoming more and more democratized among cybercriminals. It makes it possible for any malware owner to carry out
Through unique technologies Digital Recovery can bring back encrypted data on any storage device, offering remote solutions anywhere in the world.
Discover the invisible vulnerabilities in your IT – with the 4D Pentest from Digital Recovery
