As the title says, Trend Micro has a newly discovered ransomware. This malware poses as another ransomware known as Locky yet seems to be just riding on Locky’s infamy coattails. This malware uses Python scripts converted into standalone executables, lies dormant for 11.5 days or 999,999 seconds before it begins to encrypt files in 3DES… all while communicating with the control server. Yikes…
Attacks have been mostly European-focused.
Xinteng Chen says
Hi Brock
Thanks for sharing the newest ransomware. It is important to know about more new malware in the world and think about how to prevent it. According to the article, the ransomware is designed to bypass static analysis methods using the Inno Setup Installer and PyInstaller, which makes it more dangerous. It is distributed using spam campaigns; while the spam messages started low in volume, they have increased over time. Therefore, it is important to train employees in email security awareness.