A new ransomware family called NamPoHyu Virus or MegaLocker Virus is targeting victims a bit differently than other ransomware. Instead of an executable running on a victim’s computer, the attacker is running the ransomware locally and having it remotely encrypting accessible Samba servers. The good news is that a method to decrypt files encrypted by this ransomware may have been discovered. This article will be updated as more information becomes available, so you can register an account and subscribe to the article’s comments.
Source: https://www.bleepingcomputer.com/news/security/nampohyu-virus-ransomware-targets-remote-samba-servers/