Ransomware, dubbed Defray, comes hidden in rigged Microsoft Word document attachments, sent via email. Researchers say the malware may not be destined for large-scale attacks. Attackers ask for $5,000 in ransom notes dropped throughout the victim s machine. On Windows 7 Defray will keep track of running programs, like the task manager or any browsers open, and kill them with a GUI. Researchers said they saw the ransomware disable startup recovery and delete any volume shadow copies, something that could draw the ire of admins.
Source: https://threatpost.com/defray-ransomware-seen-targeting-education-healthcare-industry/127656/