{
	"id": "efd9fd8f-14ed-417f-8868-2419ddf3d2b6",
	"created_at": "2026-04-06T00:20:51.29764Z",
	"updated_at": "2026-04-10T13:12:09.611745Z",
	"deleted_at": null,
	"sha1_hash": "7ef8b90b36386780e7990a5ec95a6f61e2b649f6",
	"title": "GlobeImposter which has more than 20 variants, is still wildly growing | 360 Total Security Blog",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 35404,
	"plain_text": "GlobeImposter which has more than 20 variants, is still wildly\r\ngrowing | 360 Total Security Blog\r\nPublished: 2018-08-30 · Archived: 2026-04-05 22:24:38 UTC\r\nAug 30, 2018Elley\r\nChoose a language\r\nLearn more about 360 Total Security\r\nRecently, 360 Security Team found the new variant of GlobeImposter ransomware family is actively spreading\r\nworldwide that has affected the great number of users. Moreover, the attack is expected to be more serious in the\r\nfuture.\r\nGlobeImposter can be seen as one of the most powerful ransomware in these years. It uses a high-intensity\r\nalgorithm for encryption. Once the files are encrypted, it is almost impossible to decrypt the documents. Then the\r\nhacker will send the payment method to the victim via email, and the victim is charged from 1 to 10 bitcoins.\r\nUsers should be aware of the severity of GlobeImposter ransomware attack due to not only its high-intensity data\r\nencryption algorithm but also its large number of variants. There have been more than 20 varieties of the family’s\r\nvariants since June.\r\nThe new variant discovered this time is with the extension NACRO. Although it is similar to the previous variants,\r\nthe power of the attack is still not to be underestimated. If the computer is infected, the victim will find they\r\ncannot open their files, and the format will be tampered with seriously. After that, the attack will leave the contact\r\nform to the victim as usual.\r\nQihoo 360’s Security Brain provides the latest techniques to protect our users\r\nWe found that GlobeImposter has various attack techniques, which is spread through cracking weak passwords.\r\nPreviously, a number of servers in a Chinese children’s hospital were infected with the ransomware. The hospital’s\r\ndatabase files were encrypted, and its hospital information system could not be used normally. As a result, the\r\npatients of the hospital cannot pay medical expenses and make the appointment with doctors.\r\nTo keep away from the ransomware attacks, prevention is always better than cure. Qihoo 360’s Security Brain is\r\nan all-in-one intelligent security system that comprehensively utilizes new technologies such as artificial\r\nintelligence, big data, cloud computing, IoT intelligent sensing, and blockchain to protect the country, national\r\ndefense, critical infrastructure, society, and cities and personal network security. Among them, its situational\r\nawareness system can capture global malicious attacks or network anomalies in real time.\r\nReminder\r\nWe would like to recommend our users that they should install 360 Total Security to fight against the ransomware\r\nhttps://blog.360totalsecurity.com/en/globeimposter-which-has-more-than-20-variants-is-still-wildly-growing/\r\nPage 1 of 2\n\nattacks. 360 Total Security would comprehensively protect our users from multiple dimensions such as the weak\r\npassword automatic check, remote login protection, vulnerability intrusion prevention, and document protection.\r\nLearn more about 360 Total Security\r\nSource: https://blog.360totalsecurity.com/en/globeimposter-which-has-more-than-20-variants-is-still-wildly-growing/\r\nhttps://blog.360totalsecurity.com/en/globeimposter-which-has-more-than-20-variants-is-still-wildly-growing/\r\nPage 2 of 2",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"Malpedia"
	],
	"origins": [
		"web"
	],
	"references": [
		"https://blog.360totalsecurity.com/en/globeimposter-which-has-more-than-20-variants-is-still-wildly-growing/"
	],
	"report_names": [
		"globeimposter-which-has-more-than-20-variants-is-still-wildly-growing"
	],
	"threat_actors": [],
	"ts_created_at": 1775434851,
	"ts_updated_at": 1775826729,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/7ef8b90b36386780e7990a5ec95a6f61e2b649f6.pdf",
		"text": "https://archive.orkl.eu/7ef8b90b36386780e7990a5ec95a6f61e2b649f6.txt",
		"img": "https://archive.orkl.eu/7ef8b90b36386780e7990a5ec95a6f61e2b649f6.jpg"
	}
}