Vertek’s security operations team has noticed website ransomware is starting to pick up steam with recent variants of AwesomeWare, a PHP based ransomware that targets vulnerable web servers and encrypts the web server files with Rijndael AES 128bit cipher. Infected hosts redirect all web traffic to the ransom note/defacement page requesting contact by email and/or payment via bitcoin wallet. AwesomeWare AwesomeWare was developed by Bug7Sec, an Indonesian threat actor, and placed on Github.com about......
Read More
Locky Now Pushing .Lukitus Variant – IoCs and OTX
Locky is being distributed at mass scale via phishing and spam email attacks by two major botnets; Necurs and...
Read MoreLocky DIABLO6 Ransomware Campaign Launched – IoCs and OTX
Locky IoCs extracted by our security operations center. Public Pulse | TLP: White | encrypts with extension .DIABLO6 OTX...
Read MoreGlobe Imposter Ransomware – IoCs and OTX
Glob Imposter IoCs extracted by our security operations center. Public Pulse | TLP: White | Encrypt filesystem with extension...
Read MoreAutomated PhishTank IoCs and OTX feed – Verified/Online Banking Phishing URLs
This is an automated process that is updated hourly by the Vertek MTI Labs Team. We pull all active/online...
Read MoreAutomated PhishTank IoCs and OTX feed – Verified/Online GoogleDocs Phishing URLs
This is an automated process that is updated hourly by the Vertek MTI Labs Team. We pull all active/online...
Read More