Magnitude EK is now using a fileless technique to load the GandCrab ransomware. The payload is encoded and embedded in a scriplet that is later decoded in memory and executed. A ransom note is left with instructions on the next steps required to recover those files. Malwarebytes users are protected against this attack when either the Internet Explorer (CVE-2016-0189) or Flash Player (CRAB) exploits are fired. The latest version cannot be decrypted at the moment.”]

