Cyware Daily Threat Intelligence December 04, 2017

Share Blog Post

Top Malware Reported in the Last 24 Hours
Shadow BTCware
Recently, a new variant of the BTCWare ransomware has been discovered recently. This new variant attaches the [email]-id-id.shadow extension to encrypted files. The BTCWare ransomware family targets victims by hacking into poorly protected remote desktop services and manually installing the ransomware.

Want Money ransomware
A crypto ransomware dubbed Want Money encrypts user files and extorts money to decrypt them. Once triggered, the malware encrypts the user files using AES-256 encryption. It restricts the chance for the users to restore files by deleting all the shadow copies or restore points.

Halloware ransomware
A malware author by the name of Luc1F3R is peddling a new ransomware strain called Halloware for the lowly price of $40. The ransomware encrypts files using a hardcoded AES-256 key and prepends the "(Lucifer)" string to encrypted files. As the ransomware uses a hardcoded AES key and does not save any information on a remote server, recovering encrypted files is not possible.


Posted on: December 04, 2017

Get the Daily Threat Briefing delivered to your email!

More from Cyware

Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.

Join Thousands of Other Cyware Followers!