A new variation of ransomware, Ragnar, has three unsettling capabilities:
- It scans your network for internal, external and network drives, mounting drives that are supposedly hidden.
- It runs within its own virtual machine, hiding from many older antivirus programs.
- It steals files, uploading them to the underground web so that criminals can demand extortion payments.
The creators of Ragnar teamed up with the Maze ransomware criminals to launch "Name and Shame" attacks on law offices and businesses.The criminals post a sample of stolen files on a temporary, public website. They threaten to post the entire collection of an extortion payment is not made.
In addition, Ragnar encrypts all the files of their victim, offering to unlock them once the ransom is paid.
For more information on Ragnar ransomware, see: Ragnar Locker ransomware deploys virtual machine to dodge security
Questions? Call us at 888.922.1120 or send us an email...