Vertek’s security operations team has noticed website ransomware is starting to pick up steam with recent variants of AwesomeWare, a PHP based ransomware that targets vulnerable web servers and encrypts the web server files with Rijndael AES 128bit cipher. Infected hosts redirect all web traffic to the ransom note/defacement page requesting contact by email and/or payment via bitcoin wallet. AwesomeWare AwesomeWare was developed by Bug7Sec, an Indonesian threat actor, and placed on Github.com about......
Locky is being distributed at mass scale via phishing and spam email attacks by two major botnets; Necurs and...Read More
Locky IoCs extracted by our security operations center. Public Pulse | TLP: White | encrypts with extension .DIABLO6 OTX...Read More
As most of you have likely heard or seen on the news, there’s a new ransomware variant called “WannaCry”...Read More