The holidays are upon us and that means even ransomware developers are taking some time off. This showed this week with very few ransomware infections being released and for the most part we have only seen new variants of existing infections.
The biggest news is the U.S. government officially attributing the WannaCry Ransomware to North Korea. Other big news are various arrests associated with affiliates of Cerber and CTB-Locker.
Contributors and those who provided new ransomware information and stories this week include: @DanielGallagher, @Seifreed, @BleepinComputer, @FourOctets, @malwrhunterteam, @malwareforme, @fwosar, @campuscodi, @PolarToffee, @demonslay335, @hexwaxwing, @jorntvdw, @LawrenceAbrams, @struppigel, @sdkhere, @Amigo_A_, @FortiGuardLabs, @TomBossert45, @WSJ, @ITSimplifie.
December 18th 2017
Amigo-A discovered a new variant of the RSAUtil Ransomware that uses the extension .ID.GORILLA and drops a ransom note named How_return_files.txt.
Jack discovered the Satan Cryptor 2.0 Ransomware that appends the .satan extension and tries to spread via SMB.
SDK discovered a fake bitcoin multipler that installs ransomware.
December 19th 2017
In an op-ed in the Wall Street Journal, President Trump’s Homeland Security Adviser Thomas Bossert has officially blamed North Korea for the WannaCry ransomware incident that devasted hundreds of thousands of computers worldwide in May this year.