Introducing Symantec Security Response's new ransomware threat classification
search cancel

Introducing Symantec Security Response's new ransomware threat classification

book

Article ID: 163557

calendar_today

Updated On:

Products

Endpoint Protection

Issue/Introduction

Ransomware has now grown into one of the biggest dangers facing businesses and consumers today. 2015 was a record year, with one hundred new ransomware families discovered.

To simplify Symantec's naming convention for ransomware, Symantec Security Response is now issuing classifications that best reflect the commonly-used names for these threat families and variants.

Cause

Whatever the name for ransomware, take proper measures to protect your data and organization from ransomware threats. These resources can assist:

Resolution

To ease the short transition process, the following cross-reference is provided that lists known crypto threats' original classification, and our new name. Future ransom variants will be assigned a name in accordance with this new naming convention.

For example, samples of the prevalent Locky threat (also known as Zepto) will be detected as Ransom.Locky rather than the previous, less descriptive classification Trojan.Cryptolocker.AF.

Original Threat Name New Threat Name
JS.Racryptor JS.RansomRAA
JS.Ransomcrypt JS.Nemucod
JS.Ransomcrypt.B JS.Nemucod.B
OSX.Ransomcrypt OSX.Mabouia
Php.Cryptolocker.G PHP.CTBLocker
Php.Ransomcrypt.A PHP.Ransomweb
PHP.Ransomcrypt.B PHP.KimcilWare
Trojan.Cryptodefense Ransom.Cryptodefense
Trojan.Cryptodefense.B Ransom.Cryptowall.B
Trojan.Cryptolocker Ransom.Cryptolocker
Trojan.Cryptolocker.AA Ransom.ORXLocker
Trojan.Cryptolocker.AB Ransom.CryptInfinite
Trojan.Cryptolocker.AC Ransom.CryptoJoker
Trojan.Cryptolocker.AD Ransom.Seven
Trojan.Cryptolocker.AE Ransom.UmbreCrypt
Trojan.Cryptolocker.AF Ransom.Locky
Trojan.Cryptolocker.AG Ransom.PadCrypt
Trojan.Cryptolocker.AH Ransom.Cerber
Trojan.Cryptolocker.AI Ransom.Maktub
Trojan.Cryptolocker.AJ Ransom.Petya
Trojan.Cryptolocker.AK Ransom.Rokku
Trojan.Cryptolocker.AL Ransom.CryptoMix
Trojan.Cryptolocker.AM Ransom.Kovter.B
Trojan.Cryptolocker.AN Ransom.CryptXXX
Trojan.Cryptolocker.AO Ransom.Yougothacked
Trojan.Cryptolocker.AP Ransom.Mischa
Trojan.Cryptolocker.AR Ransom.Zyklon
Trojan.Cryptolocker.AS Ransom.MyLittleRansom
Trojan.Cryptolocker.AT Ransom.MIRCOP
Trojan.Cryptolocker.AU Ransom.Santana
Trojan.Cryptolocker.AV Ransom.Apocalypse
Trojan.Cryptolocker.AW Ransom.Pizzacrypt
Trojan.Cryptolocker.AX Ransom.PowerWare.B
Trojan.Cryptolocker.D Ransom.Cryptolocker.D
Trojan.Cryptolocker.E Ransom.Enciphered
Trojan.Cryptolocker.F Ransom.Cryptolocker.B
Trojan.Cryptolocker.G Ransom.CTBLocker
Trojan.Cryptolocker.H Ransom.TorrentLocker
Trojan.Cryptolocker.I Ransom.CryptoGraphic
Trojan.Cryptolocker.J Ransom.DecodeIndia
Trojan.Cryptolocker.K Ransom.CoinVault
Trojan.Cryptolocker.L Ransom.Keyholder
Trojan.Cryptolocker.M Ransom.CryptoTorLocker
Trojan.Cryptolocker.N Ransom.TeslaCrypt
Trojan.Cryptolocker.P Ransom.Pacman
Trojan.Cryptolocker.Q Ransom.PClock2
Trojan.Cryptolocker.R Ransom.Kriptovor
Trojan.Cryptolocker.S Ransom.PolloLocker
Trojan.Cryptolocker.T Ransom.Pollcrypto
Trojan.Cryptolocker.U Ransom.Tox
Trojan.Cryptolocker.V Ransom.Cryptolocker.C
Trojan.Cryptolocker.W Ransom.EncryptorRaaS
Trojan.Cryptolocker.X Ransom.Safefiles32
Trojan.Cryptolocker.Y Ransom.HiddenTear
Trojan.Cryptolocker.Z Ransom.CryptoApp
Trojan.Ransomcrypt.AA Ransom.DMALocker
Trojan.Ransomcrypt.AB Ransom.LeChiffre
Trojan.Ransomcrypt.AC Ransom.JobCrypter
Trojan.Ransomcrypt.AD Ransom.MVPLocker
Trojan.Ransomcrypt.AE Ransom.SamSam
Trojan.Ransomcrypt.AF Ransom.Coverton
Trojan.Ransomcrypt.AG Ransom.Cryptohasyou
Trojan.Ransomcrypt.AH Ransom.Sanction
Trojan.Ransomcrypt.AI Ransom.CryptoHost
Trojan.Ransomcrypt.AJ Ransom.Jigsaw
Trojan.Ransomcrypt.AK Ransom.AutoLocky
Trojan.Ransomcrypt.AL Ransom.TrueCrypter
Trojan.Ransomcrypt.AM Ransom.AlphaLocker
Trojan.Ransomcrypt.AN Ransom.MMLocker
Trojan.Ransomcrypt.AO Ransom.Bucbi
Trojan.Ransomcrypt.AP Ransom.Enigma
Trojan.Ransomcrypt.AQ Ransom.Mobef
Trojan.Ransomcrypt.AR Ransom.Shujin
Trojan.Ransomcrypt.AS Ransom.CryptoHitman
Trojan.Ransomcrypt.AT Ransom.777
Trojan.Ransomcrypt.AU Ransom.BadBlock
Trojan.Ransomcrypt.AV Ransom.Bloccato
Trojan.Ransomcrypt.AW Ransom.BlackShades
Trojan.Ransomcrypt.AX Ransom.ODCODC
Trojan.Ransomcrypt.AY Ransom.Crysis
Trojan.Ransomcrypt.AZ Ransom.DEDCryptor
Trojan.Ransomcrypt.BA Ransom.BART
Trojan.Ransomcrypt.BB Ransom.JuicyLemon
Trojan.Ransomcrypt.BC Ransom.LEIA
Trojan.Ransomcrypt.BD Ransom.HolyCrypt
Trojan.Ransomcrypt.BE Ransom.Stampado
Trojan.Ransomcrypt.BF Ransom.SMRSS32
Trojan.Ransomcrypt.BG Ransom.SharkRaaS
Trojan.Ransomcrypt.BH Ransom.Hit
Trojan.Ransomcrypt.G Ransom.OMG
Trojan.Ransomcrypt.H Ransom.TorLocker
Trojan.Ransomcrypt.I Ransom.BitCrypt
Trojan.Ransomcrypt.J Ransom.PowerWare
Trojan.Ransomcrypt.K Ransom.CasinoMG
Trojan.Ransomcrypt.L Ransom.KeyBTC
Trojan.Ransomcrypt.M Ransom.RARcrypt
Trojan.Ransomcrypt.N Ransom.Zerolocker
Trojan.Ransomcrypt.O Ransom.Ophionlocker
Trojan.Ransomcrypt.P Ransom.PClock
Trojan.Ransomcrypt.Q Ransom.BandarChor
Trojan.Ransomcrypt.R Ransom.VaultCrypt
Trojan.Ransomcrypt.S Ransom.ThreatFinder
Trojan.Ransomcrypt.T Ransom.Troldesh
Trojan.Ransomcrypt.U Ransom.Cryakl
Trojan.Ransomcrypt.V Ransom.Chimera
Trojan.Ransomcrypt.W Ransom.Radamant
Trojan.Ransomcrypt.X Ransom.HiBuddy
Trojan.Ransomcrypt.Y Ransom.Ransom32
Trojan.Ransomcrypt.Z Ransom.NanoLocker
Trojan.Ransomlock.AK Ransom.Kovter
Trojan.Ransomlock.AL Ransom.FakeDOJ
Trojan.Ransomlock.AM Ransom.SupportScam
Trojan.Ransomlock.AN Ransom.FakeDHS
Trojan.Ransomlock.AQ Ransom.BrLock
Trojan.Ransomlock.AS Ransom.SupportScam.B
Trojan.Ransomlock.AT Ransom.SupportScam.C
Trojan.Synolocker Ransom.Synolocker
Unix.Ransomcrypt Unix.LinuxEncoder
Unix.Ransomcrypt.B Unix.LinuxEncoder.B
W32.Cryptolocker.AQ W32.Zcrypt
W32.Ransomlock.AO W32.Virlock
W32.Ransomlock.AO!inf W32.Virlock!inf
W32.Ransomlock.AP W32.Rasith
W32.Ransomlock.AQ!inf W32.FakeDOJ!inf
Trojan.Cryptlock.AF!g1 Ransom.Locky!g1
Trojan.Cryptlock.AF!g2 Ransom.Locky!g2
Trojan.Cryptlock.AF!g3 Ransom.Locky!g3
Trojan.Cryptlock.AF!g4 Ransom.Locky!g4
Trojan.Cryptlock.AF!g5 Ransom.Locky!g5
Trojan.Cryptlock.AF!g6 Ransom.Locky!g6
Trojan.Cryptlock.AF!g7 Ransom.Locky!g7
Trojan.Cryptlock.AF!g8 Ransom.Locky!g8
Trojan.Cryptlock.AF!g9 Ransom.Locky!g9
Trojan.Cryptlk.AF!g10 Ransom.Locky!g10
Trojan.Cryptlk.AF!g11 Ransom.Locky!g11
Trojan.Cryptlock.AF!gm Ransom.Locky!gm
Trojan.Cryptlock.AH!g1 Ransom.Cerber!g1
Trojan.Cryptlock.AH!g2 Ransom.Cerber!g2
Trojan.Cryptlock.AH!g3 Ransom.Cerber!g3
Trojan.Cryptlock.AH!g4 Ransom.Cerber!g4
Trojan.Cryptlock.AH!g5 Ransom.Cerber!g5
Trojan.Cryptlock.AH!g6 Ransom.Cerber!g6
Trojan.Cryptlock.AH!g7 Ransom.Cerber!g7
Trojan.Cryptlock.AH!g8 Ransom.Cerber!g8
Trojan.Cryptlock.AH!g9 Ransom.Cerber!g9
Trojan.Cryptlk.AH!g10 Ransom.Cerber!g10
Trojan.Cryptlock.AH!gm Ransom.Cerber!gm
Trojan.Cryptlock.AI!gm Ransom.Maktub!gm
Trojan.Cryptlock.AL!gm Ransom.CryptoMix!gm
Trojan.Cryptlock.AN!g1 Ransom.CryptXXX!g1
Trojan.Cryptlock.AN!g2 Ransom.CryptXXX!g2
Trojan.Cryptlock.AN!g3 Ransom.CryptXXX!g3
Trojan.Cryptlock.AN!g4 Ransom.CryptXXX!g4
Trojan.Cryptlock.AN!g5 Ransom.CryptXXX!g5
Trojan.Cryptlock.AN!g6 Ransom.CryptXXX!g6
Trojan.Cryptlock.AN!g7 Ransom.CryptXXX!g7
Trojan.Cryptlock.AN!g8 Ransom.CryptXXX!g8
Trojan.Cryptlock.AN!g9 Ransom.CryptXXX!g9
Trojan.Cryptlk.AN!g14 Ransom.CryptXXX!g14
Trojan.Cryptlock.AN!gm Ransom.CryptXXX!gm
Trojan.Cryptlock.AW!gm Ransom.Pizzacrypt!gm
Trojan.Cryptlock.F!gm Ransom.Cryptlockr.B!gm
Trojan.Cryptlock.G!gm Ransom.CTBLocker!gm
Trojan.Cryptlock.H!gm Ransom.TorrentLock!gm
Trojan.Cryptlock.J!gm Ransom.DecodeIndia!gm
Trojan.Cryptlock.N!g1 Ransom.TeslaCrypt!g1
Trojan.Cryptlock.N!g2 Ransom.TeslaCrypt!g2
Trojan.Cryptlock.N!g3 Ransom.TeslaCrypt!g3
Trojan.Cryptlock.N!g4 Ransom.TeslaCrypt!g4
Trojan.Cryptlock.N!g5 Ransom.TeslaCrypt!g5
Trojan.Cryptlock.N!g6 Ransom.TeslaCrypt!g6
Trojan.Cryptlock.N!g7 Ransom.TeslaCrypt!g7
Trojan.Cryptlock.N!g8 Ransom.TeslaCrypt!g8
Trojan.Cryptlock.N!g9 Ransom.TeslaCrypt!g9
Trojan.Cryptlock.N!g10 Ransom.TeslaCrypt!g10
Trojan.Cryptlock.N!g11 Ransom.TeslaCrypt!g11
Trojan.Cryptlock.N!g12 Ransom.TeslaCrypt!g12
Trojan.Cryptlock.N!gm Ransom.TeslaCrypt!gm
Trojan.Cryptlock.W!g1 Ransom.EncRaaS!g1
Trojan.Cryptlock.W!g2 Ransom.EncRaaS!g2
Trojan.Cryptlock.W!gm Ransom.EncRaaS!gm
Trojan.Cryptlock.X!gm Ransom.SafeFiles32!gm
Trojan.Ranscrypt.AE!g1 Ransom.SamSam!gen1
Trojan.Ranscrypt.AE!g2 Ransom.SamSam!gen2
Trojan.Ranscrypt.AP!gm Ransom.Enigma!gm
Trojan.Ranscrypt.AY!gm Ransom.Crysis!gm
Trojan.Ranscrypt.BA!gm Ransom.BART!gm
Trojan.Ranscrypt.BB!gm Ransom.JuicyLemon!gm
Trojan.Ranscrypt.T!gm Ransom.Troldesh!gm
Trojan.Ranscrypt.U!g1 Ransom.Cryakl!gen1
Trojan.Ranscrypt.U!g2 Ransom.Cryakl!gen2
Trojan.Ranscrypt.U!gm Ransom.Cryakl!gm
Trojan.Ranscrypt.W!gm Ransom.Radamant!gm
Trojan.Ranscrypt.Z!gm Ransom.NanoLocker!gm
W32.Ransomlock.AO!gen1 W32.Virlock!gen1
W32.Ransomlock.AO!gen2 W32.Virlock!gen2
W32.Ransomlock.AO!gen3 W32.Virlock!gen3
W32.Ransomlock.AO!gen4 W32.Virlock!gen4
W32.Ransomlock.AO!gen5 W32.Virlock!gen5
W32.Ransomlock.AO!gen6 W32.Virlock!gen6
W32.Ransomlock.AO!gen7 W32.Virlock!gen7
W32.Ransomlock.AO!inf1 W32.Virlock!inf1
W32.Ransomlock.AO!inf2 W32.Virlock!inf2
W32.Ransomlock.AO!inf3 W32.Virlock!inf3
W32.Ransomlock.AO!inf4 W32.Virlock!inf4
W32.Ransomlock.AO!inf5 W32.Virlock!inf5
W32.Ransomlock.AO!inf6 W32.Virlock!inf6
W32.Ransomlock.AO!inf7 W32.Virlock!inf7
Trojan.Ranslock.AQ!g1 Ransom.BrLock!gen1
Trojan.Cryptlock.AF!s1 Ransom.Locky!s1
Trojan.Ranscrypt.AQ!gm Ransom.Mobef!gm
Trojan.Ransomlk.AK!g1 Ransom.Kovter!gen1
Trojan.Ransomlk.AK!g2 Ransom.Kovter!gen2
Trojan.Ransomlk.AK!g3 Ransom.Kovter!gen3
Trojan.Ransomlk.AK!gm Ransom.Kovter!gm
W32.Ransomlock.AQ!inf Ransom.FakeDOJ!inf
Trojan.Ransomlk.AL!inf Ransom.FakeDOJ!inf1
Trojan.Ransomlk.AP!inf Ransom.FakeDOJ!inf2
Trojan.Ranslock.AN!inf Ransom.FakeDOJ!inf3
JS.Ransomcrypt.B!php Ransom.Nemucod.B!php
Trojan.Cryptowall Ransom.Cryptowall
Trojan.Cryptdef!gen1 Ransom.CryptoWall!g1
Trojan.Cryptdef!gen10 Ransom.CryptoWall!g10
Trojan.Cryptdef!gen11 Ransom.CryptoWall!g11
Trojan.Cryptdef!gen12 Ransom.CryptoWall!g12
Trojan.Cryptdef!gen13 Ransom.CryptoWall!g13
Trojan.Cryptdef!gen14 Ransom.CryptoWall!g14
Trojan.Cryptdef!gen16 Ransom.CryptoWall!g16
Trojan.Cryptdef!gen17 Ransom.CryptoWall!g17
Trojan.Cryptdef!gen18 Ransom.CryptoWall!g18
Trojan.Cryptdef!gen19 Ransom.CryptoWall!g19
Trojan.Cryptdef!gen2 Ransom.CryptoWall!g2
Trojan.Cryptdef!gen3 Ransom.CryptoWall!g3
Trojan.Cryptdef!gen4 Ransom.CryptoWall!g4
Trojan.Cryptdef!gen5 Ransom.CryptoWall!g5
Trojan.Cryptdef!gen6 Ransom.CryptoWall!g6
Trojan.Cryptdef!gen7 Ransom.CryptoWall!g7
Trojan.Cryptdef!gen8 Ransom.CryptoWall!g8
Trojan.Cryptdef!gen9 Ransom.CryptoWall!g9
Trojan.Cryptdef!gm Ransom.CryptoWall!gm
Trojan.Cryptolock!g23 Ransom.Cryptolock!g23
Trojan.Cryptlocker!g10 Ransom.Cryptolock!g15
Trojan.Cryptolock!g10 Ransom.Cryptolock!g10
Trojan.Cryptolock!g11 Ransom.Cryptolock!g11
Trojan.Cryptolock!g12 Ransom.Cryptolock!g12
Trojan.Cryptolock!g13 Ransom.Cryptolock!g13
Trojan.Cryptolock!g14 Ransom.Cryptolock!g14
Trojan.Cryptolock!g19 Ransom.Cryptolock!g19
Trojan.Cryptolock!g21 Ransom.Cryptolock!g21
Trojan.Cryptolock!g22 Ransom.Cryptolock!g22
Trojan.Cryptolocker!g1 Ransom.Cryptolock!g1
Trojan.Cryptolocker!g2 Ransom.Cryptolock!g2
Trojan.Cryptolocker!g3 Ransom.Cryptolock!g3
Trojan.Cryptolocker!g4 Ransom.Cryptolock!g4
Trojan.Cryptolocker!g5 Ransom.Cryptolock!g5
Trojan.Cryptolocker!g6 Ransom.Cryptolock!g6
Trojan.Cryptolocker!g7 Ransom.Cryptolock!g7
Trojan.Cryptolocker!g8 Ransom.Cryptolock!g8
Trojan.Cryptolocker!g9 Ransom.Cryptolock!g9
Trojan.Cryptolocker!gm Ransom.Cryptolock!gm

Note: Symantec Security Response write-ups do not exist for every ransomware-related signature.

Powered by Wolken Software