Cyware Daily Threat Intelligence

Daily Threat Briefing • Dec 4, 2017
This website uses cookies and similar technologies to provide essential functionality and improve your experience. Some features, such as demo scheduling and chat support, require marketing cookies to function. By clicking "Accept All", you consent to all cookies. Alternatively, you can customize your preferences, but note that declining marketing cookies will limit certain website features.
Daily Threat Briefing • Dec 4, 2017
Top Malware Reported in the Last 24 Hours
Shadow BTCware
Recently, a new variant of the BTCWare ransomware has been discovered recently. This new variant attaches the [email]-id-id.shadow extension to encrypted files. The BTCWare ransomware family targets victims by hacking into poorly protected remote desktop services and manually installing the ransomware.
Want Money ransomware
A crypto ransomware dubbed Want Money encrypts user files and extorts money to decrypt them. Once triggered, the malware encrypts the user files using AES-256 encryption. It restricts the chance for the users to restore files by deleting all the shadow copies or restore points.
Halloware ransomware
A malware author by the name of Luc1F3R is peddling a new ransomware strain called Halloware for the lowly price of $40. The ransomware encrypts files using a hardcoded AES-256 key and prepends the "(Lucifer)" string to encrypted files. As the ransomware uses a hardcoded AES key and does not save any information on a remote server, recovering encrypted files is not possible.