Cybercriminals abuse the benign Hidden Tear ransomware project once again. This educational code becomes a basis for another real-world crypto malware. The fresh offshoot is dubbed TrOwX. It appends the .locked extension to encoded files and drops a ransom note named READ_AND_CRY.txt. Besides English speaking victims it targets users in China.

Day 10A renowned antivirus vendor from Israel reports a wave of ransomware strains tailored to infect two specific businesses. Those two companies received thirty-six Android devices from the source that remains undisclosed. The crooks pre-infected the modern equipment before its shipment with Slocker malicious encryptor, as well as another malware called Loki.

Kaspersky Labs unearths yet another state-linked malware

[5] MalBus: Popular South Korean Bus App Series in Google Play Found Dropping Malware After 5 Years of Development. -blogs/mcafee-labs/malbus-popular-south-korean-bus-app-series-in-google-play-found-dropping-malware-after-5-years-of-development/. Cited Jul., 2019. 2ff7e9595c