Big Head

Malware Profile Updated 13 days ago
Big Head is ransomware that emerged in May 2023. Its relatively low ransom fee suggests it primarily targets consumers rather than enterprises. It reaches systems through suspicious downloads, emails, or websites, encrypts files on the compromised machine, disrupts operations, and may steal personal information.

The malware has multiple variants, notably Big Head ransomware variants A and B, each leaving a distinct ransom note on the infected device. Variant A has also been observed to drop an alternative note that includes the attacker's Bitcoin address for immediate ransom payment. Both variants A and B are known to change the desktop wallpaper and leave ransom notes as part of their attack, which adds to their disruptive effect. Variant B did not encrypt any files in our test environment, although it was built with the capability to do so.

The majority of Big Head ransomware samples were submitted from the United States, indicating that users in that region are the most affected. FortiGuard Labs has released antivirus signatures that detect the known Big Head ransomware variants. Although the malware emerged in May 2023, no related transactions were observed during that period, suggesting that victims may not have paid the demanded ransoms. As the malware continues to evolve, users should keep antivirus software up to date and treat suspicious online content with caution.
Possible Aliases / Cluster overlaps
It is hard to track cluster overlaps and naming conventions between vendors, so here are some possibly overlapping names and profiles you may also want to look at.
ID | Votes | Profile Description
Miscellaneous Associations
Other elements of context that could help in assessing relevance:
Ransomware
Windows
Fortiguard
Encrypt
Associated Malware
ID | Type | Votes | Profile Description
No associations to display
Associated Threat Actors
ID | Type | Votes | Profile Description
No associations to display
Associated Vulnerabilities
ID | Type | Votes | Profile Description
No associations to display
Source Document References
Information about the Big Head malware was read from the document corpus below. This display is limited to 20 results.
Source | Created At | Title
CERT-EU | 10 months ago | Warning Issued for ‘Big Head’ Ransomware Targeting Windows Operating System | IT Security News
CERT-EU | 8 months ago | Fake Bitwarden Password Manager Website Drops Windows ZenRAT
CERT-EU | 10 months ago | Cyber Security Today, July 10, 2023 – A second insurance company sideswiped by the MOVEit hack, a Truebot malware warning, and more | IT World Canada News
CERT-EU | 10 months ago | Beware of Big Head Ransomware: Spreading Through Fake Windows Updates
CERT-EU | 10 months ago | “Big Head” ransomware fakes Windows Update to trick users | IT Security News
Fortinet | 2 months ago | Ransomware Roundup - Big Head | FortiGuard Labs
CERT-EU | 10 months ago | Big Head Ransomware Found in Malvertising and Fake Windows Updates
CERT-EU | 10 months ago | Warning Issued for 'Big Head' Ransomware Targeting Windows Operating System - Cybersecurity Insiders
CERT-EU | 10 months ago | New Ransomware Strain Discovered: Big Head
CERT-EU | a year ago | 8Base Ransomware Emerges from the Shadows
Fortinet | a year ago | Ransomware Roundup — Big Head | FortiGuard Labs
CERT-EU | 10 months ago | Cl0p Ransomware Gang Leaks MOVEit Data on Clearweb Sites
CERT-EU | 10 months ago | America’s ‘high fence’ around its technology ‘yard’ is getting bigger
CERT-EU | 9 months ago | Fake Chrome Browser Update Installs NetSupport Manager RAT
CERT-EU | 7 months ago | Why rookie hackers are capitalizing on ransomware