Ransomware last week – ransom payments are falling

Last week, 30 January – 5 February 2021, showed evidence of a fall in ransom payments, while scammers' activity of permanently destroying data increased. There is also good news: many ransomware decryptors were released this week, allowing users to recover their files.

Here are the date-wise ransomware activities for this week, 30 January – 5 February 2021:

January 30, 2021

This day saw a ransomware attack on UK Research and Innovation, impacting two of its services: one that is offered to subscribers, and the platform for peer review of various parts within the agency.

February 1, 2021

On this date, we had the Coveware Quarterly Ransomware report, which describes ransomware incident response trends during Q4 of 2020. According to it, trust that stolen data will be deleted is now eroding. People were now giving in to the cyber extortion when they are able to recover the files using backups. Thus, there is a large decline in the average ransom amounts paid.

February 2, 2021

This date registered some new malware in the wild. Two new variants from the STOP ransomware family, named plam ransomware and cosd ransomware, were discovered by Michael Gillespie.

A new VashSorena variant, which appends the .lucifer extension and drops HELP_DECRYPT_YOUR_FILES.txt and HELP_DECRYPT_YOUR_FILES.html ransom notes, was found by MalwareHunterTeam that day.

MalwareHunterTeam also found two other ransomware variants, namely DERZKO and MILIHPEN. Both belong to the Nefilim ransomware family. DERZKO ransomware appends the .DERZKO extension and displays the DERZKO-HELP.txt ransom note. MILIHPEN adds the .MILIHPEN extension to encrypted files and drops the MILIHPEN-INSTRUCT.txt ransom note.

Aside from the release of new ransomware, the BabyK authors launched a new data leak site used to publish victims' stolen data for double extortion purposes.

February 3, 2021

As of this date, a decryptor for Fonix ransomware (XONIF) is available to users. Victims of this virus can use the decryption tool released by Kaspersky for free to recover their encrypted files.

There were also a couple of pieces of bad news on this date. One is that ransomware attacks now add the challenge of double extortion. Organizations need to be attentive to such coercive tactics to avoid potential disruption, financial loss and reputational damage.

The other is the ransomware attack on the trucking company Forward Air. According to the official, the incident cost it $7.5 in its Q4 financial results.

February 4, 2021

Xiaopao discovered the HDLocker ransomware, which uses the _HD string to encrypt files. The same researcher also discovered a variant of Xorist ransomware that encodes files using the .omfl extension.

However, the news of the day was a blockchain analysis showing connections between four of 2020's biggest ransomware strains. The cybersecurity researchers stated that many RaaS affiliates are carrying out attacks by switching between the most prominent ransomware strains, namely Maze, Egregor, SunCrypt, and DoppelPaymer.

February 5, 2021

Two major Brazilian electric utility companies, Centrais Eletricas Brasileiras (Eletrobras) and Companhia Paranaense de Energia (Copel), reported on this date that they suffered ransomware attacks over the past week.