1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

HDDCryptor ransomware uses open source tools to thoroughly own systems

Discussion in 'Help Net Security' started by RSS, Sep 20, 2016.

  1. RSS

    RSS New Member Member

    HDDCryptor (aka Mamba) is a particularly destructive piece of ransomware that encrypts files in mounted drives and network shares, locks the computers’ hard disk, and overwrites their boot disk MBR. This last action leaves the systems unable to boot up, and makes the ransom note appear: The malware uses Netpass, a legitimate tool for recovering all network passwords stored on the system for the current logged-on user, to connect to networked folders and encrypt their … More →

    Continue reading...

Share This Page