
Ransomware Alert: cuteRansomware, Alfa Ransomware, CTB Faker, and Ranscam

July 15, 2016

Here's a quick rundown of the ransomware updates and new families discovered within the week:

cuteRansomware (detected by live casino online as Ransom_CRYPCUTE.A)

Found to be based on the source code of a ransomware module called "my-Little-Ransomware" on GitHub, cuteRansomware uses Google Docs to transmit encryption keys and collect user information to avoid detection. Based on , while the ransomware uses Google Docs, it isn’t limited to Google's cloud platform and can be transferred via other cloud apps. cuteRansomware is considered critical because malicious actors are increasingly using the cloud to deliver malware and exfiltrate data via command-and-control, and traditional tools lack visibility into SSL—a technique that works to an attacker’s advantage.

Alfa Ransomware (detected by live casino online as Ransom_ALFA.A)

Said to be developed by the same group behind ransomware, Alfa ransomware scans all local drives for certain file types upon infection, targeting up to 142 different file types for encryption. Based on , once encrypted, Alfa appends a file extension “.bin” to the encrypted file. Its distribution method is still unknown; however, what is certain is that as of late, its encryption cannot be broken by third-party decrypters.

CTB Faker (detected by live casino online as Ransom_ZIPTB.A)

Who says ransomware has to be sophisticated to work? Like the name says, CTB Faker pretends to be ransomware, but instead of encrypting the files on the infected system, CTB Locker moves them into a password-protected ZIP archive and demands a ransom of 0.08 bitcoins (around US$50) in exchange for the password. CTB Faker, which is actually a WinRAR SFX file, is distributed via fake profile pages on adult sites that contain passwords and links to an alleged password-protected striptease video. As soon as the user clicks on the link in the profile, the ransomware downloads the zip file hosted on JottaCloud. Once the user extracts the contents of the zip file and runs the executable, CTB Faker runs its archiving routine.

Ranscam

Considered low-tech but highly destructive, Ranscam threatens to delete the victim's files unless the ransom of 0.2 bitcoin is paid, but instead of encrypting the files like regular ransomware, it deletes them anyway—which means the victim loses the files even if the ransom is paid. As its name suggests, it's more of a "ransomware scam" than ransomware. According to the , a compromised user would first notice a ransom note displayed by the malware. It pretends to have moved the user’s files to a “hidden, encrypted partition” instead of leaving the files encrypted in their current location. It's all a lie though—Ranscam already deleted them.

These four ransomware variants aren’t known to be widely spread, but can be disruptive and even destructive in their own right, especially Ranscam, with its ability to ultimately trick users into paying without giving their files back. Regardless of the type of ransomware family or variant, online best practices such as avoiding opening unverified emails and links embedded in them, and regularly updating software and applications can reduce the risk of getting infected. Backing up files using the can mitigate the effects of the file loss from a ransomware infection.

Ransomware Solutions

live casino online offers different solutions to protect enterprises, small businesses, and home users to help minimize the risk of getting affected by ransomware such as cuteRansomware, Alfa, CTB Faker, and Ranscam.

Enterprises can benefit from a multi-layered, step-by-step approach in order to best mitigate the risks brought by these threats. Email and web gateway solutions such as and prevents ransomware from ever reaching end users. At the endpoint level, deliver several capabilities like behavior monitoring and application control, and vulnerability shielding that minimize the impact of this threat. detects and blocks ransomware on networks, while stops ransomware from reaching enterprise servers–whether physical, virtual or in the cloud.

For small businesses, offers cloud-based email gateway security through Hosted Email Security. Its endpoint protection also delivers several capabilities such as behavior monitoring and real-time web reputation in order to detect and block ransomware.

For home users, provides robust protection against ransomware, by blocking malicious websites, emails, and files associated with this threat.

Users can likewise take advantage of our such as the , which is designed to detect and remove screen-locker ransomware; as well as , which can decrypt certain variants of crypto-ransomware without paying the ransom or the use of the decryption key.
