Blog | G5 Cyber Security

Russian ransomware takes advantage of Windows PowerShell

Ransomware uses Windows PowerShell program to perform file encryption using Rijndael symmetric key encryption This variant also targets Russian users with a ransom message displayed in the Russian language. The ransom demand takes the form of a text file named READ_ME_NOW.txt, created in each encrypted file folder which contains encrypted files. The good news is that you can get the program and fully unlock and clean your PC in just a few minutes. The bad news – a program to unlock costs 10 TR for one PC.”]

Source: https://nakedsecurity.sophos.com/2013/03/05/russian-ransomware-windows-powershell/

Exit mobile version