Heads are being scratched after the Babuk ransomware builder appears on VirusTotal, adding to the gang’s reputation for confusion.
We discovered a new Mac malware, ThiefQuest, that appeared to be ransomware at first glance. However, once we dug in deeper, we found out its true identity—and intention.
The ransomware previously known as Blind has been spotted recently with a .napoleon extension and a bug fix that means files can no longer be decrypted by victims. In this post, we’ll analyze the sample for its structure, behavior, and distribution method.