A new DLL CryptoMix ransomware variant is reportedly using Windows Remote Desktop Services (RDS) to install itself on unsuspecting users machines. The attackers also apparently enabled the computers default admin account and changed its password. It then saved a ransom note to the compromised machine informing the victim to send their infection ID number to multiple email addresses. This attack also comes amid the growing costs associated with a ransomware attack. In April, Coveware observed that the average payment associated with ransomware in Q1 2019 had risen to $12,762.”]