Heres The Top Ransomwares And the Most Feared Ransomware Spreaded Across the Globe.
First Of All What IS RANSOMWARE:Ransomware Is A File Encrypting Software After You Got Encrypted Attackers Ask For Ransom In order To Unlock Your Files.
1.LOCKY-Locky is ransomware that was first used for an attack in 2016 by a group of organized häçkers. Locky encrypted more than 160 file types and was spread by means of fake emails with infected attachments. Users fell for the email trick and installed the ransomware on their computers. This method of spreading is called phishing, and is a form of what is known as social engineering. Locky ransomware targets file types that are often used by designers, developers, engineers and testers
Release:March,2016
Type:Trojan
Av vendor Detections:
Release:August.2018
Type:Trojan
Suspected organization:North Korean,Russian
Av Vendors detection:
Release:May 12,2017
Type:CryptoWorm(Worm Is A StandAlone Malware That Can Spread Through Network And Replicate It Self Over And Over Again)
Suspected Organizations:Lazarus Group
Origin:Pyongyang,North Korea
Damage:92 million Dollars
Extension: .wannacry, .wcry, .wncryt, .wncry
Av vendor detection:
4.Petya-Petya is a ransomware attack that occurred in 2016 and was resurrected as GoldenEye in 2017. Instead of encrypting certain files, this malicious ransomware encrypted the victim's entire hard disk. This was done by encrypting the Master Boot Record(MBR), which made it impossible to access files on the hard disk. Petya ransomware spread to corporate HR departments via a fake application that contained an infected Dropbox link
Release:March 2016
Suspected organizations:Unknown
Type:Full Malware
Av vendor detection:
Release:January,2018
Suspected organozation:Unknown
Type:Trojan
Extension: .KCRAB, .CRAB, .GDCB, .(+)
Av Vendor Detection:
First Of All What IS RANSOMWARE:Ransomware Is A File Encrypting Software After You Got Encrypted Attackers Ask For Ransom In order To Unlock Your Files.
1.LOCKY-Locky is ransomware that was first used for an attack in 2016 by a group of organized häçkers. Locky encrypted more than 160 file types and was spread by means of fake emails with infected attachments. Users fell for the email trick and installed the ransomware on their computers. This method of spreading is called phishing, and is a form of what is known as social engineering. Locky ransomware targets file types that are often used by designers, developers, engineers and testers
Release:March,2016
Type:Trojan
Av vendor Detections:
- Ransom:Win32/Locky.A (You do not have permission to view the full content of this post. Log in or register now.)
- Trojan.Encoder.3976 (You do not have permission to view the full content of this post. Log in or register now.)
- Win32/Filecoder.Locky.A (You do not have permission to view the full content of this post. Log in or register now.)
- Malicious_Behavior.VEX.99 (You do not have permission to view the full content of this post. Log in or register now.)
- Trojan-Ransom.Win32.Locky.d (You do not have permission to view the full content of this post. Log in or register now.)
- Trojan.Cryptolocker.AF (You do not have permission to view the full content of this post. Log in or register now.)
Release:August.2018
Type:Trojan
Suspected organization:North Korean,Russian
Av Vendors detection:
- Ransom.ryuk (Malwarebytes)
- Win64:RansomX-gen [Ransom] (Avast)
- Generic.Ransom.Ryuk.CF0B8F43 (B) (Emsisoft)
- HEUR:Trojan.Win32.Generic (Kaspersky)
- Ransom:Win32/Ryuk.S!MTB (WinDefender/Microsoft)
Release:May 12,2017
Type:CryptoWorm(Worm Is A StandAlone Malware That Can Spread Through Network And Replicate It Self Over And Over Again)
Suspected Organizations:Lazarus Group
Origin:Pyongyang,North Korea
Damage:92 million Dollars
Extension: .wannacry, .wcry, .wncryt, .wncry
Av vendor detection:
- Sf:WNCryLdr-A [Trj] (Avast)
- Trojan.Ransom.WannaCryptor.H (B) (Emsisoft)
- Trojan-Ransom.Win32.Wanna.m (Kaspersky)
- WannaCry.Ransom.Encrypt.DDS (Malwarebytes)
- Ransom:Win32/WannaCrypt.H (WinDefener/Microsoft)
- Malware.Win32.Gen.bot!se30058 (Grindinsoft)
4.Petya-Petya is a ransomware attack that occurred in 2016 and was resurrected as GoldenEye in 2017. Instead of encrypting certain files, this malicious ransomware encrypted the victim's entire hard disk. This was done by encrypting the Master Boot Record(MBR), which made it impossible to access files on the hard disk. Petya ransomware spread to corporate HR departments via a fake application that contained an infected Dropbox link
Release:March 2016
Suspected organizations:Unknown
Type:Full Malware
Av vendor detection:
- Malwarebytes:Ransom.Petya
- Fortinet:W32/Petya.D!tr.ransom
- Kaspersky:Trojan-Ransom.Win32.Petr.eu
- Emisoft:Trojan-Ransom.GoldenEye (A)
- Microsoft:Ransom:Win32/Petya
- NANO-Antivirus:Trojan.Win32.Ransom.ejgwkv
Release:January,2018
Suspected organozation:Unknown
Type:Trojan
Extension: .KCRAB, .CRAB, .GDCB, .(+)
Av Vendor Detection:
- Trojan.Win32.Encoder.eytbdj (NANO-Antivirus)
- Ransom:Win32/Gandcrab (Microsoft)
- Generic.Ransom.GandCrab.D0BCA546 (B) (Emsisoft)
- Ransom.Win32.Gandcrab.oa (GrindinSoft)
- Win32:RansomX-gen [Ransom] (Avast)
- Ransom.GandCrab (Malwarebytes)
- HEUR:Trojan.Win32.Generic (Kaspersky)