A new ransomware strain called Ordinypt is currently targeting victims in Germany, but instead of encrypting users' documents, the ransomware rewrites files with random data.
Discovered on Monday by G Data security researcher Karsten Hahn, the ransomware has been seen targeting only German users (based on VirusTotal detections) via emails written in German, and delivering ransom notes in an error-free German language. This ransomware was originally named by Karsten as HSDFSDCrypt for lack of a better name, but has since been changed to Ordinypt.
Similar to how the original Petya Ransomware was distributed, Ordinypt is also pretending to be resumes being sent in reply to job adverts. These emails contain two files — a JPG image of the woman supposedly sending a resume, and a ZIP file containing the resume and a curriculum vitae. More data at: https://www.bleepingcomputer.com/news/security/ordinypt-ransomware-intentionally-destroys-files-currently-targeting-germany/
Free Ransomware Simulator Tool
How vulnerable is your network against a ransomware attack?
Bad guys are constantly coming out with new strains to evade detection. Is your network effective in blocking all of them when employees fall for social engineering attacks?
KnowBe4’s "RanSim" gives you a quick look at the effectiveness of your existing network protection. RanSim will simulate 10 infection scenarios and show you if a workstation is vulnerable to infection.
