Ransomware Alert

Ransomware is a type of malware that prevents or limits users from accessing their system. This type of malware forces its victims to pay the ransom through certain online payment methods in order to grant access to their systems, or to get their data back

This one uses “brute force” attacks on servers running either Remote Desktop or Terminal Services (with standard or weak passwords)

The ransomware is called LowLevel04 and encrypts data using RSA-2048 encryption, the ransom money figures have become much higher

This ransom-ware strain has been reported under various names including Trojan-Ransom.NSIS.ONION.air

Info accredited to Larry Abrams and Stu Sjouwerman

Larry Abrams at Bleeping Computer was the first one to report this – Full article



01603 673787