A new encryption ransomware attacking Russian and Ukrainian companies
Real-time threat news | Hot news | All the news | Virus alerts
June 27, 2017
According to data of our information security specialists, the Trojan is distributed independently, just as infamous WannaCry. Yet there is no precise data if it uses the same distribution mechanism. At present, our security researchers examine the new Trojan; we will give the details later on. Some mass media sources draw parallels with the ransomware Petya (in particular, Dr.Web detects it as Trojan.Ransom.369) due to the external side of the ransomware operation. However, a distribution method of the new threat is different from the standard pattern of Petya.
Today, on June 27 at 4.30 p.m., this encryption ransomware has been added to Dr.Web virus databases as Trojan.Encoder.12544.
Doctor Web advises all users to be vigilant and refrain from opening suspicious emails (this measure is required but is not fully sufficient). It is necessary to make backup copies of critically important data and to install all software security updates. Availability of an installed anti-virus is also crucial.