Secplicity Blog

Entry: https://www.watchguard.com/wgrd-security-hub/ransomware-tracker/azzasec AzzaSec (AzzaSecurity) is both the name of the ransomware and of an Italian hacktivist group. That is based on research from Threatmon, which wrote an extensive report on this ransomware and its members. The other two…

Entry: https://www.watchguard.com/wgrd-security-hub/ransomware-tracker/anonymous Anonymous ransomware is built from the NoCry ransomware builder, based on the infamous WannaCry ransomware. This is evident from the debug string in the discovered sample (C:\Users\Anonymous\Desktop\NoCry Builder +…

Entry: https://www.watchguard.com/wgrd-security-hub/ransomware-tracker/ghoshacker GhosHacker, which is seemingly a misspelling of GhostHacker based on the ransom note dropped with the same name—GhostHacker.exe—is a crypto-ransomware built from the NoCry ransomware builder. This allegation comes from…

Entry: https://www.watchguard.com/wgrd-security-hub/ransomware-tracker/blackskull BlackSkull is a near clone of GhosHacker and Anonymous and is theorized to be an early version of AzzaSec. All four of these are created from the NoCry ransomware builder, based on the infamous WannaCry ransomware…

Entry: https://www.watchguard.com/wgrd-security-hub/ransomware-tracker/cybervolk CyberVolk is a self-proclaimed hacktivist group with various allegiances to other hacktivist groups throughout the globe, including Anonymous (their subsidiaries), White_Hunters, Cyber Hunters, and others. They even…

Publication: Dr. Joseph L Popp Jr and The First-Ever Ransomware – The AIDS Trojan If you work in information security or the computer science field, there's a good chance you've heard of the first-ever ransomware – the AIDS Trojan. There's also a chance you know the basics of that story. An…