-
Russian-speaking threat actor "farnetwork" linked to 5 ransomware gangs
The operator of the Nokoyawa ransomware-as-a-service (RaaS), a threat actor known as 'farnetwork', built experience over the years by helping the JSWORM, Nefilim, Karma, and Nemty affiliate programs with malware development and operation management.
- November 08, 2023
- 04:32 AM
0
-
New Karma ransomware group likely a Nemty rebrand
Threat analysts at Sentinel Labs have found evidence of the Karma ransomware being just another evolutionary step in the strain that started as JSWorm, became Nemty, then Nefilim, Fusion, Milihpen, and most recently, Gangbang.
- October 19, 2021
- 08:00 AM
0
-
New Webinar: Choose Your Own Investigation — Browser Attack Edition
Modern attacks have shifted focus to the browser, yet detection tools remain largely blind to the crucial activity happening there.
Join Push Security on February 11th for an interactive "choose-your-own-adventure" webinar on ClickFix, credential phishing, and other in-browser attacks we've observed in the wild.
-
The Week in Ransomware - April 17th 2020 - Changing Tactics
There was not a lot of new ransomware variants released this week, but some pretty interesting news about operations changing their tactics to remain more profitable and to evade law enforcement.
- April 17, 2020
- 06:35 PM
- 0
-
Nemty Ransomware shuts down public RaaS operation, goes private
The Nemty Ransomware is shutting down its public Ransomware-as-a-Service (RaaS) operation and switching to an exclusive private operation where affiliates are hand-selected for their expertise.
- April 15, 2020
- 07:07 PM
- 0
-
New Nefilim Ransomware Threatens to Release Victims' Data
A new ransomware called Nefilim that shares much of the same code as Nemty has started to become active in the wild and threatens to release stolen data.
- March 17, 2020
- 12:28 PM
- 0
-
Nemty Ransomware Punishes Victims by Posting Their Stolen Data
The Nemty Ransomware is the latest cybercrime operation to create a data leak site to punish victims who refuse to pay ransoms.
- March 02, 2020
- 07:10 PM
- 1
-
Nemty Ransomware Actively Distributed via 'Love Letter' Spam
Security researchers have spotted an ongoing malspam campaign using emails disguised as messages from secret lovers to deliver Nemty Ransomware payloads on the computers of potential victims.
- February 27, 2020
- 02:16 PM
- 0
-
The Week in Ransomware - January 17th 2020 - Never Ends
Data exfiltration is still the big thing this week, with the Sodinokibi Ransomware publishing stolen files of one of their victims for the first time and Nemty planning on leaking stolen files as well.
- January 17, 2020
- 05:49 PM
- 10
-
Nemty Ransomware to Start Leaking Non-Paying Victim's Data
The Nemty Ransomware has outlined plans to create a blog that will be used to publish stolen data for ransomware victims who refuse to pay the ransom.
- January 13, 2020
- 03:05 PM
- 2
-
Ryuk Ransomware Forces Prosegur Security Firm to Shut Down Network
In a statement at midday today (local time), Spanish multinational security company Prosegur announced that it was the victim of a cybersecurity incident disrupting its telecommunication platform.
- November 27, 2019
- 12:48 PM
- 0
-
Nemty Ransomware Now Spreads via Trik Botnet
The operators of Nemty ransomware have found a new distributor for their file-encrypting malware, which now spreads via Trik, a botnet that pushes all sorts of threats.
- November 04, 2019
- 02:43 PM
- 0
-
The Week in Ransomware - October 11th 2019 - Decryptors Released!
We had some interesting news this week, such as the HildaCrypt ransomware releasing their keys, RobbinHood Ransomware bragging about their past exploits, a Muhstik Ransomware victim hacking back and stealing the decryption keys, and a Nemty decryptor being released.
- October 11, 2019
- 06:37 PM
- 0
-
Nemty 1.6 Ransomware Released and Pushed via RIG Exploit Kit
The RIG exploit kit is now pushing a cocktail of malware that includes a new variant of the Nemty Ransomware.
- October 11, 2019
- 03:36 PM
- 2
-
Nemty Ransomware Decryptor Released, Recover Files for Free
Victims of the Nemty Ransomware finally have something to be happy about as researchers have released a decryptor that allows them to recover files for free.
- October 10, 2019
- 04:44 PM
- 7
-
The Week in Ransomware - September 20th 2019 - Fairly Quiet
This has been a fairly quiet week with no real big news other than further updates from Nemty, the introduction of TFlower, and another Ordinypt campaign targeting Germany.
- September 20, 2019
- 06:41 PM
- 0
-
Nemty Ransomware Update Lets It Kill Processes and Services
Nemty ransomware is under active development, although its version number may not show it. Its authors are clearly making efforts to make it a more efficient and sophisticated malware and it begins wider distribution.
- September 14, 2019
- 03:11 PM
- 0
-
The Week in Ransomware - September 13th 2019 - Exploit Kits
This week was your standard mix of new variants of existing ransomware and new ransomware families being released.
- September 13, 2019
- 08:40 PM
- 0
-
Exploit Kits Target Windows Users with Ransomware and Trojans
Over the weekend and into today, four different malvertising campaigns have been redirecting users to exploit kits that install password stealing Trojans, ransomware, and clipboard hijackers.
- September 09, 2019
- 04:49 PM
- 0
-
Fake PayPal Site Spreads Nemty Ransomware
A web page pretending to offer an official application from PayPal is currently spreading Nemty ransomware to unsuspecting users.
- September 08, 2019
- 11:01 AM
- 0
-
The Week in Ransomware - September 6th 2019 - Three Week Roundup
Over the past three weeks, we have seen a lot of attacks on schools, local government entities, and MSPs by the REvil and Ryuk crews. These targets tend to pay large ransoms through insurance and thus are prime targets for the ransomware affiliates and developers.
- September 06, 2019
- 04:56 PM
- 1
- 1
- 2
