1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Researchers release free decryption tools for PowerWare and Bart ransomware

Discussion in 'CSO' started by RSS, Jul 22, 2016.

  1. RSS

    RSS New Member Member

    Security researchers have released tools this week that could help users recover files encrypted by two relatively new ransomware threats: Bart and PowerWare.

    PowerWare, also known as PoshCoder, was first spotted in March, when it was used in attacks against healthcare organizations. It stood out because it was implemented in Windows PowerShell, a scripting environment designed for automating system and application administration tasks.

    Researchers from security firm Palo Alto Networks have recently found a new version of this threat that imitates a sophisticated and widespread ransomware program called Locky. It uses the extension .locky for encrypted files and also displays the same ransom note used by the real Locky ransomware.

    To read this article in full or to leave a comment, please click here

    Continue reading...
     

Share This Page