Buer is malware-as-a-service product that provide initial foothold in the victim's machine and deliver whatever payload it's owner what to deliver. It can be a RAT or Stealer. Recently it is know to be delivering ransomware like Ryuk.
Blackrota is a backdoor written in go lang and targets Docker containers. It attempts to exploit an unauthorized-access vulnerability in the Docker Remote API.
A new malware campaign using npm registry as a mode of spreading. This Malware is debut as CursedGrabber. Its designed to steal Discord App Tokens, personal information such payment information and web browser files of the users.
MountLocker ransomware encrypts company and business user data with ChaCha20 + RSA-2048. It then demands a $ 2 million ransom in BTC to get the files back.It gives the hacked company 3 days and threatens to publish the stolen data "all over the Internet" in order to increase pressure on the victim.
Ranzy Locker Ransomware is the successor of Ako Ransomware and ThunderX Ransomware. Update version contains a better encryption as ThunderX decryption tool became available at NoMoreRansom project's website. Beside enhancement in encryption and methods of ex-filtration, and the (now commonplace) use of a public "leak blog" to post victim data for those who do not comply with the ransom demand.
