Category: Ransomware Articles

If you had to name a piece of software cybercriminals look to target, Microsoft’s Exchange Server would surely be near the top of the list. To its huge user base, it’s the perfect DIY in-house email system that has dovetailed with Microsoft’s ecosystem since the 1990s. To criminals, including ransomware criminals, it’s become tempting prey […]

With the Russian invasion of Ukraine came the deployment of several destructive malware families, known as “wipers,” against entities in Ukraine, with nine distinct variants observed to date. The first two, WhisperGate and HermeticWiper/PartyTicket, masqueraded as ransomware, but they were actually destructive tools rather than legitimate ransomware. This raises an important question: What’s the difference […]

Earlier this year, Russian law enforcement arrested 14 members of the notorious REvil ransomware gang and dismantled their networks. It seemed like a successful takedown. But now REvil–or someone claiming to be REvil–is back. (Something about which absolutely nobody in the information security field is surprised.) Early activity of this REvil resurgence was limited to […]

Despite the headline-grabbing multi-million dollar (or even larger) ransom demands, ransomware may not be the costliest cybercrime. Business e-mail compromise (BEC) is a less-publicized but potentially more lucrative way for criminals to digitally steal money. First, a warning that statistics on criminal endeavors—whether ransomware (or related extortion), or BEC and related frauds—are very difficult. With […]

Contemplating payment in lieu of a ransomware attack is a precarious decision at best. It’s a problematic situation with few options. In a previous article we outlined the reasons why you may want to pay a ransom to decrypt your data. However, while paying the ransom is a tempting option that can certainly bail you […]