A little less than a year ago, we started providing free decryption tools for victims of ransomware attacks. Today we’re pleased to announce that we’ve just released our 20th free ransomware decryption tool: a free decryption tool for the En…
Avast is now detecting mobile ransomware, which we will refer to as “WannaLocker” from now on. The ransomware is targeting Chinese Android users. WannaLocker’s ransom message screen may look familiar to you and that’s because it looks just like the WannaCry ransomware screen, the ransomware that spread like wildfire around the world mid-May. Another interesting aspect is that WannaLocker encrypts files on the infected device’s external storage, something we haven’t seen since Simplocker in 2014.
Special thanks to Ladislav Zezula for working on this blog post and the decryptor tool!
Blog post and research by Pavel Sramek, David Jursa, and Lukas Rypacek
WannaCry, the worst ransomware outbreak in history, gained a lot of media attention, but WannaCry isn’t the only malware strain spreading on a massive scale. One of them is Adylkuzz, a cryptocurrency miner, that has been infecting PCs around the world, just like WannaCry.
While last Friday wasn’t Friday the 13th, it sure seemed like it. PCs around the world, including those belonging to hospitals and government agencies, were hit by the WannaCry (AKA WanaCrypt0r, or WCry) ransomware, causing chaos. Up until now we have seen more than 250,000 detections in 116 countries. About 15% of our more than 400 million users worldwide haven’t patched the MS17-010 vulnerability, which could have made them vulnerable to this attack, if they didn’t have Avast protecting them.