New ransomware uses RDP

One of the latest varieties of ransomware has been identified by Lawrence Abram as LowLevel04, and it’s spreading via Remote Desktop Services/Terminal Services and then encrypting files on the targeted computers and demanding payment in Bitcoin. The good news is that the malware (at least in this iteration) doesn’t delete the Shadow Volume copies, which means there’s hope of recovering the files without paying the ransom.

Read more about it:

http://www.scmagazine.com/ransomware-using-remote-desktop-to-spread-itself/article/448398/

Leave a Comment

Your email address will not be published.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top