When you purchase through links on our site, we may earn an affiliate commission.Heres how it works.

Single actor?

The second group first made sure its encryptor doesnt trigger any antivirus or antimalware alarms.

A laptop with a red screen with a white skull on it with the message: "RANSOMWARE. All your files are encrypted."

To that end, they installed different tools, such as Process Hacker and AdvancedIP Scanner.

Eventually, after reducing system security, the adversary ran Ymir to achieve their goals, the researchers conclude.

ViaThe Hacker News

You might also like