With Twitter hackers, 10\/10 vulnerabilities, and Cloudflare outages this week, thankfully ransomware has been pretty slow this week.<\/p>\n
The biggest news is Orange confirming they were hit with a Nefilim ransomware attack and business customer's data being stolen. We also saw an interesting ransomware that utilizes the Age encryption tool.<\/p>\n
Other than that, it has mostly been smaller attackers and new ransomware variants released.<\/p>\n
Contributors and those who provided new ransomware information and stories this week include: @demonslay335, @VK_Intel, @struppigel, @malwrhunterteam, @fwosar, @BleepinComputer, @LawrenceAbrams, @Seifreed, @serghei, @DanielGallagher, @PolarToffee, @FourOctets, @jorntvdw, @Ionut_Ilascu, @malwareforme, @JakubKroustek, @xiaopao80087499, @fbgwls245, @Amigo_A_, @campuscodi, and @360TotalSec.<\/p>\n
xiaopaofound a new Matrix Ransomware variant that appends the .AL8P extension and drops a ransom note namedReadme_AL8P.rtf.<\/p>\n
dnwls0719 found a new FonixCrypter variant that appends the.XINOF extension.<\/p>\n<\/p>\n
A new and targeted ransomware named AgeLocker utilizes the 'Age' encryption tool created by a Google employee to encrypt victim's files.<\/p>\n<\/p>\n
Michael Gillespiefound a new STOP Ransomware variant that appends the .repl extension to encrypted files.<\/p>\n
Jakub Kroustekfound two new variants of the Dharma Ransomware that append either the .data or .smpl extensionto encrypted files.<\/p>\n
The data theft and name-and-shame tactics initiated by Maze in November 2019 and subsequently adopted by multiple other groups have blurred the line between ransomware attack and data breach.<\/p>\n
Michael Gillespiefound a new Makop Ransomware variant that appends the .zbw extension and drops a ransom note namedreadme-warning.txt.<\/p>\n
Michael Gillespie is looking for a new ransomware that appends the .FastWind extension and drops a ransom note named ransomware.txt.<\/p>\n
Recently, 360 Security Center has detected that a file encryption virus in the form of a hoax has appeared on the network. In view of the encrypted file suffix of the virus is named .flowEncryption, we named it flowEncryption file encryption virus.<\/p>\n
Orange has confirmed to BleepingComputer that they suffered a ransomware attack exposing the data of twenty of their enterprise customers.<\/p>\n
Michael Gillespiefound a new Makop Ransomware variant that appends the .BNFD extension to encrypted files.<\/p>\n
Blackbaud, a provider of software and cloud hosting solutions, said it stopped a ransomware attack from encrypting files earlier this year but still had to pay a ransom demand anyway after hackers stole data from the company's network and threatened to publish it online.<\/p>\n
Michael Gillespiefound a new Dharma Ransomware variant that appends the .spareextension to encrypted files.<\/p>\n
Michael Gillespiefound a new Maoloa Ransomware variant that appends the .Globeimposter-Alpha865qqzextension to encrypted files.<\/p>\n
Michael Gillespiefound a new STOP Ransomware variant that appends the .kuusextension to encrypted files.<\/p>\n
<\/p>\n