SamSam Ransomware Infection And Decryption Services

SamSam ransomware (also known as Samas, SamSamCrypt, and MSIL) is a quickly evolving type of malware that targets hospitals, municipalities, and other large organizations. After installing malicious software through compromised servers, the hackers encrypt network files, making them unusable, and...
April 11, 2018

City of Atlanta Hit by SamSam Ransomware

A ransomware attack on the city of Atlanta on Mar. 22 has left officials scrambling to provide services to residents. Many critical services, like public-safety and wastewater treatment, have been unaffected. Meanwhile, other systems have ground to a halt or...
April 1, 2018

Only Half of Ransomware Payments Resulted in Decrypted Files

A report from a leading research firm found a startling statistic for 2017: only half of ransomware victims who paid a ransom were able to successfully decrypt their files. These findings and others in the report offer even more incentive...
March 21, 2018

SamSam Ransomware Infects CDOT

SamSam ransomware has infected thousands of computers at the Colorado Department of Transportation. Over 2,000 employee computers were shut down to stop the spread of the malware after it was discovered on Feb. 21, and systems are still not back...
March 19, 2018

2017 Ransomware Recap

Ransomware became a household name in 2016. As hackers extorted ransoms from hospitals, universities, and other groups in return for files, the public became aware of how vulnerable devices are in this connected age. Even with the awareness of this...
January 4, 2018

The 4 Most Game-Changing Ransomware Attacks

Every week, new strains of ransomware infect computers or are spotted by security researchers while still in development. Most of them are small-scale operations that attract little attention. Every once in a while, a new malware will make headlines based...
October 9, 2017

Locky Creators Tweak Variants To Evade Detection

Locky ransomware first appeared in February 2016 using a simple but ingenious social engineering method. The distributors sent thousands of emails around the world with an infected Microsoft Word document that appeared as gibberish when opened. The message, “Enable macro...
October 4, 2017

Hidden Tear Ransomware Still Wreaking Havoc

A Turkish computer programmer had a simple idea—create functional ransomware with backdoors and offer it for free to educate programmers. If any hackers used the malware to encrypt someone’s files, victims could use the backdoors to restore their data. The...
August 30, 2017

Petya Ransomware Infection And Decryption Services

A Petya ransomware variant has swept through Europe in a fashion reminiscent of the WannaCry attacks of May 12, 2017. Like WannaCry, the Petya variant spreads using Eternal Blue and has affected the following businesses and organizations:Utility companies, banks,...
June 27, 2017

Hidden Tear Ransomware Infection and Decryption Services

Hidden Tear ransomware is an open-source malware program published by its developer for educational purposes. Though the author has since taken the source code offline, hackers around the world have already downloaded and redistributed it. Modified and improved variants of...
June 9, 2017