![]() ![]() It also checks for services such as: vss, sql, veeam, logmein, etc., and terminates them if found. In addition to encrypting data, the ransomware deletes volume shadow copies, inhibiting the victim’s ability to recover affected files. ![]() This group also claims that victims who meet their financial demands will receive information on how the attacker was able to compromise them, along with recommendations for security improvement as a bonus. The ransom payment is not only for recovering affected files but also to prevent releasing that stolen information to the public. The Ragnar Locker group is known to employ a double extortion tactic. Ragnar Locker is ransomware for Windows and Linux that exfiltrates information from a compromised machine, encrypts files using the Salsa20 encryption algorithm, and demands that victims pay a ransom to recover their data. Severity level: High Ragnar Locker Ransomware Impact: Encrypts files on the compromised machine and demands ransom for file decryption ![]() Impacted parties: Microsoft Windows Users This latest edition of the Ransomware Roundup covers the Ragnar Locker ransomware. The Ransomware Roundup report aims to provide readers with brief insights into the evolving ransomware landscape and the Fortinet solutions that protect against those variants. On a bi-weekly basis, FortiGuard Labs gathers data on ransomware variants of interest that have been gaining traction within the OSINT community and our datasets. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |