List of ransomware


.Cryptohasyou
.Cryptohasyou is a ransomware that encrypts various files stored on the infiltrated system, including...

More

Alpha Crypt
Alpha Crypt, also known as AlphaCrypt and, incorrectly, Alpha Crypt virus, is a ransomware infection...

More

Ancalog
The exploit creator generates malicious documents, such as Word and PDF documents, Excel workbooks,...

More

Bad Rabbit

More

BandarChor
Discovered by Jakub Kroustek, BandarChor is a new variant of the high-risk ransomware called CryptFile2....

More

BlackByte
BlackByte is a RaaS that uses double extortion as part of its attacks. The threat actors behind this...

More

BlackCat
The creators of the BlackCat ransomware offer Ransomware-as-a-Service (RaaS). In other words, they allow...

More

Black Kingdom
Black Kingdom, also known as GAmmAWare, is a malicious program classified as ransomware. Systems infected...

More

Bleeding-life
The exploit kit has been used in several attack campaigns and focuses on vulnerabilities in several...

More

Bottle
This is an exploit kit used by ransomware.

More

Cerber
The Cerber ransomware was discovered in March 2016. Inspired by the Software-as-a-Service (SaaS) model,...

More

CHIP
The ransomware is distributed by the Empire Pack exploit kit and encrypts files with RSA encryption....

More

Clop
Clop Ransomware, which belongs to the Cryptomix ransomware family, is a dangerous file encryption virus...

More

Conti
Conti is a ransomware observed since 2020, reportedly distributed by a group based in Russia. The software...

More

Cring
The Cring ransomware made headlines as the threat was used in an attack that exploited a bug in the...

More

CryptFIle2
CryptFIle2 (also known as Bandarchor) is a ransomware that sneaks into systems and encrypts files using...

More

CryptoFortress
CryptoFortress is a ransomware that infiltrates systems through infected emails and fake downloads (e.g....

More

CryptoWall
CryptoWall is a ransomware malware that works by encrypting files on an infected computer and requires...

More

DeadBolt
The DeadBolt ransomware is targeting QNAP brand NAS devices. It exploits a zero-day security flaw present...

More

Dearcry
In March 2021, Microsoft released patches for four critical vulnerabilities in Microsoft Exchange servers....

More

DirtyDecrypt
DirtyDecrypt is a ransomware that infiltrates systems and encrypts various types of files (including...

More

Disdain
This is an exploit kit used by ransomware.

More

Dotkachef
Dotkachef is a new exploit kit that appeared in early 2013. Unlike the Magnitude and Neutrino exploit...

More

eCh0raix
Ech0raix (QNAPCryptName) is a type of malware classified as ransomware that uses unusual methods of...

More

ERIS
The ransomware adds ".eris" to infected files and uses Salsa20 and RSA-1024 encryption. Variants of...

More

FenixLocker
FenixLocker is another ransomware virus that encrypts files using AES cryptography. During encryption,...

More

FiveHands
FiveHands Ransomware is a threat that appears to have been exploited by hackers via a zero-day flaw...

More

Flimrans
The ransomware does not encrypt victims' files but locks the screen. The malware claims to belong to...

More

Hanjuan
HanJuan is a stealth exploit kit that specializes in exploiting vulnerabilities in Internet Explorer,...

More

HelloKitty
Unit42 says HelloKitty is a family of ransomware that first appeared in late 2020, primarily targeting...

More

Kaixin
The exploit kit (also known as CK VIP) reportedly originates from China and focuses on users who visit...

More

Locky
Locky is a ransomware Trojan sent via email and presented as an invoice that needs to be opened with...

More

Lorenz
Lorenz is a new variant of Sz40 ransomware, which is designed to encrypt data and demand a ransom for...

More

Magniber
The ransomware primarily targets South Korean victims and is distributed via the Magnitude exploit kit....

More

Mailto
The ransomware, also known as Netwalker, targets corporate networks and encrypts all Microsoft Windows...

More

Maze
Maze Ransomware encrypts files and makes them inaccessible while adding a custom extension containing...

More

Microsoft-word-intruder
The exploit kit was first discovered in 2013 and is used to create malicious Microsoft Office documents....

More

Mole
The ransomware poses as a shipping notice and claims to destroy the decryption key if the ransom is...

More

NanoLocker
The ransomware uses the AES-256 encryption algorithm to encrypt files and is deployed through spam emails...

More

Nebula
The Nebula virus is a recently discovered ransomware, it is a modified version of Noblis ransomware....

More

Nefilim
According to Vitali Kremez and Michael Gillespie, this ransomware shares much of the code with Nemty...

More

Nemty
The Nemty (Ransom.Nemty) ransomware, originally detected in August 2019, has increased its reach by...

More

Neptune
The exploit kit is a new brand of the Terror exploit kit. It is advertised on various forums and can...

More

Petya
The Petya ransomware began spreading internationally on June 27, 2017. Targeting Windows servers, PCs...

More

Qlocker
Qlocker is a ransomware malware. Malware in this category makes data inaccessible (mainly by encrypting...

More

Ransomware ESXi
Hypervisors running VMware ESXi are in the crosshairs of cybercriminals! This time, the ongoing attack...

More

Redkit
RedKit Exploit Kit is a dangerous hacking tool that is used to attack computer users who visit an attack...

More

Reveton
The ransomware poses as a law enforcement authority and scares victims into paying fines by informing...

More

REvil
REvil (also known as Sodinobiki) is a ransomware malware. Appearing in 2019, this ransomware is particularly...

More

Ryuk
Ryuk is a ransomware malware that was discovered in 2018. Ryuk is a version of ransomware attributed...

More

Sakura
Sakura will add its specific .Sakura extension to each file name. For example, a file named "photo.jpg"...

More

Sednit
The exploit kit is a custom kit used by the hacker group "Sednit" and targets vulnerabilities in Microsoft...

More

Sekhmet
The Sekhmet ransomware, which emerged in March 2020, has already disclosed stolen data from at least...

More

Sibhost
The Sibhost exploit kit redirects the user's browser to malicious servers that, in turn, take advantage...

More

Sodinokibi
First identified in 2019, Sodinokibi (also known as REvil or Evil Ransomware) was developed in a private...

More

Stampado
The ransomware-as-a-service (RaaS) is advertised on the Dark Web for and allows would-be criminals...

More

Terror
The exploit kit was discovered in late 2016 and its code base comes from the Sundown exploit kit. The...

More

TeslaCrypt
The TeslaCrypt ransomware was discovered in 2015 and continues to evolve. TeslaCrypt allows the victim...

More

Threadkit
The exploit kit is used to create malicious Microsoft Office documents in order to exploit a series...

More

Underminer
Underminer was first seen in 2017, targeting Asian countries by first deploying bootkits. It is a malware...

More

Wannacry
Wannacry is ransomware that was discovered in May 2017 during a massive global cyberattack. 300,000...

More

Whitehole
"Whitehole uses similar code to Blackhole, one of the most popular toolkits today, but with some differences,"...

More