October 28th 2018
Jakub Kroustek found two new Dharma variants that append the .like or .gdb extension.
October 30th 2018
A new ransomware called CommonRansom was discovered that has a very bizarre request. In order to decrypt a computer after a payment is made, they require the victim to open up Remote Desktop Services on the affected computer and send them admin credentials in order to decrypt the victim’s files. The ransomware appends the [firstname.lastname@example.org].CommonRansom extension and drops a ransom note named DECRYPTING.txt.