Shade: not by encryption alone

We recently found that a new logic in the latest version of the Shade encryptor currently being spread widely within the territories of Russia and CIS. On the basis of this logic, the ransomware checks the computer for any involvement in accounting activities and, if the check is successful, installs remote control tools into the compromised system instead of encrypting the victim’s files. Read Full Article

Locky: the encryptor taking the world by storm

In February 2016, the Internet was shaken by an epidemic caused by the new ransomware Trojan Locky. The Trojan has been actively propagating up to the present day. Kaspersky Lab products have reported attempts to infect users with the Trojan in 114 countries around the world. Analysis of the samples has shown that this Trojan is a brand new ransomware threat, written from scratch. Read Full Article

A new generation of ransomware

Trojan-Ransom.Win32.Onion a highly dangerous threat and one of the most technologically advanced encryptors out there. Its developers used both proven techniques ‘tested’ on its predecessors and solutions that are completely new for this class of malware. The use of an unorthodox cryptographic scheme makes file decryption impossible, even if traffic is intercepted between the Trojan and the server. Read Full Article