Big Head

Malware Profile Updated 3 months ago
Big Head is a ransomware family that emerged in May 2023. Its relatively low ransom fee suggests it primarily targets consumers rather than enterprises. It reaches victims through suspicious downloads, emails, or websites, then encrypts files on the compromised machine, disrupting operations and potentially stealing personal information.

The malware has multiple variants, notably Big Head ransomware variants A and B, each of which leaves a distinct ransom note on the infected device. Variant A has also been observed dropping an alternative note that includes the attacker's Bitcoin address for immediate payment. Variant B did not encrypt any files in our test environment, although it was designed with that capability. Both variants alter the desktop wallpaper and leave ransom notes as part of their attack. The majority of Big Head samples were submitted from the United States, indicating that users in that region were most affected.

FortiGuard Labs has developed antivirus signatures that detect the known Big Head variants. Although the malware emerged in May 2023, no related payments were observed during that period, suggesting that victims may not have paid the demanded ransoms. As the malware continues to evolve, users should keep antivirus software up to date and exercise caution with suspicious online content.
Possible Aliases / Cluster overlaps
It is hard to track cluster overlaps and naming conventions between vendors, so here are some possible overlapping names and profiles you may also want to look at.
ID (votes): Profile description
Miscellaneous Associations
Other elements of context that could aid in the identification of relevance
Fortiguard
Ransomware
Windows
Encrypt
Ransomware P...
Youtube
Malware
Microsoft
Bitcoin
China
Ransom
Encryption
Malvertising
Associated Malware
ID (type, votes): Profile description
Mallox (Unspecified, 1 vote): Mallox, also known as Fargo and Tohnichi, is a sophisticated malware that first surfaced in June 2021. This ransomware infiltrates systems primarily via SQL servers and has been observed to be particularly active in Taiwan, India, Thailand, and South Korea. It employs various variants that append di
Xollam (Unspecified, 1 vote): Xollam is a malicious software, or malware, that operates as part of a ransomware group associated with various strains including TargetCompany, Tohnichi, Fargo, and Xollam. This group has seen a surge in activity, exploiting systems and causing significant damage. The malware infects systems throug
Associated Threat Actors
No associations to display.
Associated Vulnerabilities
No associations to display.
Source Document References
Information about the Big Head malware was read from the document corpus below. This display is limited to 20 results.
Source (created at): Title
Fortinet (4 months ago): Ransomware Roundup - Big Head | FortiGuard Labs
CERT-EU (9 months ago): Why rookie hackers are capitalizing on ransomware
CERT-EU (10 months ago): Fake Bitwarden Password Manager Website Drops Windows ZenRAT
CERT-EU (a year ago): America’s ‘high fence’ around its technology ‘yard’ is getting bigger
CERT-EU (a year ago): 8Base Ransomware Emerges from the Shadows
Fortinet (a year ago): Ransomware Roundup — Big Head | FortiGuard Labs
CERT-EU (a year ago): Warning Issued for 'Big Head' Ransomware Targeting Windows Operating System - Cybersecurity Insiders
CERT-EU (a year ago): Warning Issued for ‘Big Head’ Ransomware Targeting Windows Operating System | IT Security News
CERT-EU (a year ago): “Big Head” ransomware fakes Windows Update to trick users | IT Security News
CERT-EU (a year ago): Fake Chrome Browser Update Installs NetSupport Manager RAT
CERT-EU (a year ago): Cl0p Ransomware Gang Leaks MOVEit Data on Clearweb Sites
CERT-EU (a year ago): Big Head Ransomware Found in Malvertising and Fake Windows Updates
CERT-EU (a year ago): Beware of Big Head Ransomware: Spreading Through Fake Windows Updates
CERT-EU (a year ago): New Ransomware Strain Discovered: Big Head
CERT-EU (a year ago): Cyber Security Today, July 10, 2023 – A second insurance company sideswiped by the MOVEit hack, a Truebot malware warning, and more | IT World Canada News