Malware, virus, and threat encyclopedia

We’ve seen how ransomware has become a threat category that sends consumers and enterprises reeling when it hits them. It has become a high-commodity malware that is used as the payload of spam email, macro malware, and exploit kit campaigns. It also digs into victims’ pockets in exchange for recovering files from their encrypted form. This is where Crowti, Tescrypt, Teerac, and Locky have been very active.

Ransom:MSIL/Samas, which surfaced in the past quarter, gets into the system differently: it takes a more targeted approach to getting installed. We have observed that this threat requires other tools or components to aid its deployment:

The majority of Ransom:MSIL/Samas infections are detected in North America, with a few instances in Europe.

Read more about Samas on our blog "No mas, Samas: What's in this ransomware's modus operandi?"

But yes, you can say "no mas" (translation from Spanish: no more) to Samas ransomware.

To help avoid falling prey to Samas or other ransomware attacks, use Windows Defender for Windows 10 as your antimalware scanner, and ensure that MAPS is enabled.

Though ransomware and macro-based malware are on the rise, there’s still something that you or your administrators can proactively do:

Prevalent threats

The following are recent top 10 most-detected threats in each category for the past seven days.

Top rogues

Top exploits

Top unwanted software

Top ransomware

Recently published

Trojan:Win32/CrashOverride.A (Thu, 22 Jun 2017 23:25:45 PDT)
Ransom:Win32/Sorikrypt.A (Fri, 16 Jun 2017 10:33:12 PDT)
Ransom:Win32/Jaffrans (Thu, 15 Jun 2017 23:30:07 PDT)
Ransom:Linux/Erebus.A (Thu, 15 Jun 2017 02:42:14 PDT)
BrowserModifier:Win32/Xiazai (Tue, 13 Jun 2017 16:04:35 PDT)
Ransom:Win32/HydraCrypt.A (Thu, 08 Jun 2017 20:28:42 PDT)
Ransom:Win32/Spora.A (Thu, 08 Jun 2017 19:10:06 PDT)
Ransom:Win32/Wagcrypt.A (Thu, 08 Jun 2017 19:09:24 PDT)
Backdoor:ASP/Seasharpee.A (Wed, 31 May 2017 07:15:56 PDT)
Trojan:Win32/Adylkuzz.B (Fri, 19 May 2017 02:10:32 PDT)