HCHTech
Well-Known Member
- Reaction score
- 4,273
- Location
- Pittsburgh, PA - USA
Described on Bleeping Computer here. Just had a business customer hit this morning. Luckily the workstation AV stopped it so only a single shared directory on the server was hit, and we've got good backups. Still, one more to watch out for.
For this variant, the ransom note file takes the form of:
_**_WHAT_is.html
where "**" is a random or sequential number (not sure which). One more to add to my RMM script that looks for ransom notes.
For this variant, the ransom note file takes the form of:
_**_WHAT_is.html
where "**" is a random or sequential number (not sure which). One more to add to my RMM script that looks for ransom notes.