Bad Rabbit is new wide-spread ransomware, that uses RSA-2048 and AES cryptography. It mostly targets enterprises in Eastern Europe. Security experts claim, that Bad Rabbit is related to previously distributed Petya и NotPetya viruses. Currently, several governmental institutions and banks were attacked by this virus in Russia, Ukraine, Turkey, Germany. Hackers demand ransom of 0.05 BTC (BitCoins), which is ~280$ and threaten to increase this amount if not paid within certain time gap. We strongly recommend not to send money, as in most cases malefactors do not send keys.
Ykcol is new ransomware virus from Locky ransomware family. It uses RSA-2048 and AES-128 cryptography to encrypt user data. After encryption ransomware appends .ykcol extension to all affected files and modifies filenames using certain pattern. Malware changes filenames to random combination of 36 letters with the following sequence: [8_random_letters]-[4_random_letters]-[4_random_letters]-[8_random_letters]-[12_random_letters].ykcol. Malefactors offer users to decrypt their files for 0.15 BTC (Bitcoins) or ~290$. As a rule, no decryption key is sent after the payment. Malware also creates 3 files: Ykcol.html, Ykcol_[4_digit_number].html, and Ykcol.bmp.
BTCWare Ransomware is a big family of ransomware, the successor of Crptxxx Ransomware. Latest versions of BTCWare use AES-192 encryption. This malware encrypts most types of documents, music, photos in user folders and adds various extensions to encrypted files. Originally it was .btcware suffix. Latest version use .cryptobyte, .cryptowin and .theva extensions.
Amnesia Ransomware is another ransomware virus, that encrypts documents, photos, music and other types of personal user files. Virus was written in Delphi programming language. Earlier versions of Amnesia use AES-256 encryption, latest versions use AES-128. After encryption most variants of Amnesia append .amnesia or .TRMT extensions to affected files.
WannaCry Ransomware new dangerous encrypting virus, that targets sensitive user files like documents, photos, videos, music and infected more then 250000 machines worldwide. Unfortunately, currently there are no way to restore your files, but there is no point to pay the ransom either, as malefactors never send the key. Threat developers earned more the $50000 in a few days since several hundreds of users paid the demanded amount. There is no information whether they received decryption service or not.
