{
	"id": "06096484-84a5-4496-8725-949d0878fb8c",
	"created_at": "2026-04-06T00:12:44.851715Z",
	"updated_at": "2026-04-10T13:12:34.578487Z",
	"deleted_at": null,
	"sha1_hash": "89ccc797b5f21e4eed33ed91bd1136b8ac491de8",
	"title": "Ransomware strain Troldesh spikes again – Avast tracks new attacks",
	"llm_title": "",
	"authors": "",
	"file_creation_date": "0001-01-01T00:00:00Z",
	"file_modification_date": "0001-01-01T00:00:00Z",
	"file_size": 688088,
	"plain_text": "Ransomware strain Troldesh spikes again – Avast tracks new\r\nattacks\r\nBy Jeff Elder 25 Jun 2019\r\nArchived: 2026-04-05 23:44:24 UTC\r\nAvast software has blocked more than 100,000 attacks by the ransomware strain this year, and recently shows the\r\nhighest prevalence of it since January\r\nThis week the ransomware known as Troldesh, which made headlines early this year, spiked again in Russia,\r\nMexico, and the U.S.\r\nAvast software has blocked more than 100,000 attacks by the ransomware strain this year, and recently shows the\r\nhighest prevalence of it since January. \r\nGraph shows attacks of Troldesh blocked by Avast. Last spike on right is from June 24. \r\nTroldesh (aka Shade) was spread by phishing emails last winter, and is reportedly now being spread via social\r\nnetworks and other messaging platforms, where posts point to malicious links. \r\nAvast researcher Jakub Křoustek was able to track a spike Monday (June 24) predominantly in Russia and\r\nMexico, but with smaller spikes in the U.K. and Germany. \r\nhttps://blog.avast.com/ransomware-strain-troldesh-spikes\r\nPage 1 of 2\n\n“We see a spike in the number of its attacks that is probably more to do with Troldesh operators trying to push this\r\nstrain harder and more effectively than any kind of significant code update,” Křoustek said. “Troldesh has been \r\nspreading in the wild for years with thousands of victims with ransomed files and it will probably stay prevalent\r\nfor some time.”\r\nRansomware caused global disruption in 2017’s WannaCry outbreak. Last spring a ransomware attack locked up\r\nmany of the files of the city of Baltimore, and other attacks hit Atlanta, San Antonio, and other cities. It is a type\r\nof malicious software (aka malware) that is designed to take your computer files – and sometimes even your entire\r\ncomputer – hostage. \r\nThe malware encrypts your files so that they cannot be opened, or it locks you out of your computer completely to\r\nprevent access to all of those important photos, videos, accounting files, work documents, and other files. Many\r\nsecurity experts advise against paying ransom to hackers because it empowers them, and encrypted files are often\r\nnot released, anyway. Find out more about protecting yourself from ransomware here.\r\nSource: https://blog.avast.com/ransomware-strain-troldesh-spikes\r\nhttps://blog.avast.com/ransomware-strain-troldesh-spikes\r\nPage 2 of 2",
	"extraction_quality": 1,
	"language": "EN",
	"sources": [
		"Malpedia"
	],
	"origins": [
		"web"
	],
	"references": [
		"https://blog.avast.com/ransomware-strain-troldesh-spikes"
	],
	"report_names": [
		"ransomware-strain-troldesh-spikes"
	],
	"threat_actors": [],
	"ts_created_at": 1775434364,
	"ts_updated_at": 1775826754,
	"ts_creation_date": 0,
	"ts_modification_date": 0,
	"files": {
		"pdf": "https://archive.orkl.eu/89ccc797b5f21e4eed33ed91bd1136b8ac491de8.pdf",
		"text": "https://archive.orkl.eu/89ccc797b5f21e4eed33ed91bd1136b8ac491de8.txt",
		"img": "https://archive.orkl.eu/89ccc797b5f21e4eed33ed91bd1136b8ac491de8.jpg"
	}
}