Thursday , June 11 2026
StopCrypt

StopCrypt: Most widely distributed ransomware evades detection

infosecbulletin Saturday , March 16 2024 Ransomware

The SonicWall Capture Labs threat research team recently observed a new variant of StopCrypt ransomware. The ransomware executes its malicious activities by utilizing multi-stage shellcodes before launching a final payload that contains the file encryption code.

StopCrypt, also known as STOP Djvu, is a widely spread ransomware, as reported by BleepingComputer. Unlike other ransomware that focuses on big corporations, StopCrypt specifically targets everyday users.

Security Update: RoguePlanet, BitLocker Bypass, Chromium Zero-Day, and More Critical Threats Uncovered

By infosecbulletin / Wednesday , June 10 2026
Cybersecurity experts found several serious flaws this week in Windows, Chromium, OpenSSL, Microsoft Exchange, and ServiceNow. Some of these flaws...
Read More
Security Update: RoguePlanet, BitLocker Bypass, Chromium Zero-Day, and More Critical Threats Uncovered

73 Microsoft Packages Compromised in Password Stealer Attack

By infosecbulletin / Wednesday , June 10 2026
GitHub disabled 73 repositories in four Microsoft groups: Azure, Azure-Samples, Microsoft, and MicrosoftDocs. Each repo now shows GitHub’s “This repository...
Read More
73 Microsoft Packages Compromised in Password Stealer Attack

New Windows Defender ‘RoguePlanet’ zero-day grants SYSTEM privileges

By infosecbulletin / Wednesday , June 10 2026
A security expert shared a new Microsoft Defender vulnerability called "RoguePlanet" only hours after Microsoft fixed two earlier problems in...
Read More
New Windows Defender ‘RoguePlanet’ zero-day grants SYSTEM privileges

Microsoft June Patches 200 Vulnerabilities including 3 zero days

By infosecbulletin / Wednesday , June 10 2026
Microsoft's June 2026 Patch Tuesday updates fix about 200 security flaws found in the company's products. None of the flaws fixed...
Read More
Microsoft June Patches 200 Vulnerabilities including 3 zero days

World’s first wind power underwater data center is now live

By infosecbulletin / Tuesday , June 9 2026
The first business underwater data center run by offshore wind has started working near Shanghai. Submerged 10 metres under the...
Read More
World’s first wind power underwater data center is now live

VMware Fixed Multiple Flaws Allow Attackers to Inject Malicious Scripts

By infosecbulletin / Tuesday , June 9 2026
Broadcom has revealed three stored cross-site scripting (XSS) flaws that affect VMware Cloud Foundation Operations and some other products. They...
Read More
VMware Fixed Multiple Flaws Allow Attackers to Inject Malicious Scripts

CVE-2026-50751
Check Point VPN 0-day Flaw Exploited in the Wild 

By infosecbulletin / Tuesday , June 9 2026
Check Point Research found that CVE-2026-50751, a serious flaw in Check Point Remote Access VPN and Mobile Access, is being...
Read More
CVE-2026-50751 Check Point VPN 0-day Flaw Exploited in the Wild 

AI-designed First ‘universal vaccine’ tested in humans

By infosecbulletin / Monday , June 8 2026
AI helped to make a new kind of vaccine that can protect people from many types of viruses and stop...
Read More
AI-designed First ‘universal vaccine’ tested in humans

China Unveils First Prefabricated Data Center Base, Reducing Construction Time by 70%

By infosecbulletin / Sunday , June 7 2026
The world's first prefabricated computing power center base officially began operation on Saturday in Qingdao City, east China's Shandong Province,...
Read More
China Unveils First Prefabricated Data Center Base, Reducing Construction Time by 70%

Hacker now exploits recently patched SolarWinds Serv-U flaw

By infosecbulletin / Saturday , June 6 2026
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) said today that hackers are using a newly fixed serious SolarWinds Serv-U...
Read More
Hacker now exploits recently patched SolarWinds Serv-U flaw

This malware is spread through websites used for sharing copyrighted software. When you download the software, the malware is also downloaded.

This malware isn’t new, it has been around since 2018, but it has evolved over the years to be harder to detect.

The new version of this malware is more complex and difficult to detect because it uses multiple stages of execution. It also utilizes API calls on the stack to allocate memory.

The malware will take control of other processes and run its code in the background.

Malware can modify access control lists, preventing users from deleting crucial malware files and directories.

Once everything is done, you will receive a _readme.txt message in each directory with instructions on how to unlock your files.

Source: SonicWall

This malware has been a problem for years. To stay safe, be vigilant and avoid shady websites.

Ransomware is a big threat. It stole data from 27,000 people at Stanford. There are other malwares causing trouble, and a recent one is Vcrums malware targeting browsers.

Check Also

Interlock ransomware

CVE-2026-20131
Interlock Ransomware gang exploits Cisco FMC zero-day since January

The Interlock ransomware group has been exploiting a remote code execution (RCE) flaw in Cisco’s …

Mail: [email protected]
© Copyright 2026, All Rights Reserved InfoSecBulletin