Security Alerts & News
by Tymoteusz A. Góral

History
#1336 Development version of the Hitler-ransomware discovered
It looks like file deletion is becoming a standard tactic in new ransomware applications created by less skilled ransomware developers. This is shown in a new ransomware called Hitler-Ransomware, or mispelled in the lock screen as Hitler-Ransonware, that has been discovered by AVG malware analyst Jakub Kroustek. This ransomware shows a lock screen displaying Hitler and then states that your files were encrypted. It then prompts you enter a cash code for a 25 Euro Vodafone Card as a ransom payment to decrypt your files.

This ransomware appears to be a test variant based on the comments in the embedded batch file and because it does not encrypt any files at all. Instead this malware will remove the extension for all of the files under various directories, display a lock screen, and then show a one hour countdown as shown in the lock screen below. After that hour it will crash the victim's computer, and on reboot, delete all of the files under the %UserProfile% of the victim. I hope this is not the actual code that this ransomware developer plans on using if it goes live.
Read more
#1336 Development version of the Hitler-ransomware discovered
#1335 Can good encryption be a double-edged sword for security in Australia?
#1334 Rex Linux trojan can launch DDoS attacks, lock websites, mine for cryptocurrency
#1333 Anti-Google research group in Washington is funded by Oracle
#1332 How the NSA snooped on encrypted Internet traffic for a decade
#1331 Multiple vulnerabilities identified in ‘utterly broken’ BHU routers
#1330 New Brazilian banking trojan uses Windows PowerShell utility
History
2017: 01 02 03 04 05
2016: 01 02 03 04 05 06 07 08 09 10 11 12