Ordinypt Ransomware Intentionally Destroys Files, Currently Targeting Germany



HSDFSDCrypt-spam-email.jpgA new ransomware strain called Ordinypt is currently targeting victims in Germany, but instead of encrypting users' documents, the ransomware rewrites files with random data.

Discovered on Monday by G Data security researcher Karsten Hahn, the ransomware has been seen targeting only German users (based on VirusTotal detections) via emails written in German, and delivering ransom notes in an error-free German language. This ransomware was originally named by Karsten as HSDFSDCrypt for lack of a better name, but has since been changed to Ordinypt.

Similar to how the original Petya Ransomware was distributed, Ordinypt is also pretending to be resumes being sent in reply to job adverts. These emails contain two files — a JPG image of the woman supposedly sending a resume, and a ZIP file containing the resume and a curriculum vitae. More data at: https://www.bleepingcomputer.com/news/security/ordinypt-ransomware-intentionally-destroys-files-currently-targeting-germany/ 


RanSimFalPos.png

Free Ransomware Simulator Tool

How vulnerable is your network against a ransomware attack?

Bad guys are constantly coming out with new strains to evade detection. Is your network effective in blocking all of them when employees fall for social engineering attacks?

KnowBe4’s "RanSim" gives you a quick look at the effectiveness of your existing network protection. RanSim will simulate 10 infection scenarios and show you if a workstation is vulnerable to infection.

Get Started

 

Topics: Ransomware

Subscribe To Our Blog


Recent Posts




Get the latest about social engineering

Subscribe to CyberheistNews