Tue. May 26th, 2020

New Ransomware Targeting Organizations Corporate Network

Security researchers have discovered a new ransomware targeting organizations, Bleeping Computer reports.


According to the MalwareHunterTeam, the ransomware, dubbed SNAKE, is targeting organizations’ entire corporate network. After discovering the ransomware, last week, the MalwareHunterTeam shared it with security researcher Vitali Kremez.


An analysis of the virus found that it is written in Golang and employs a high-level of obfuscation.

“The ransomware contains a level of routine obfuscation not previously and typically seen coupled with the targeted approach,” Kremez said.


Even more, once the ransomware infects a system, it deletes the target computer’s Shadow Volume Copies before terminating various processes related to SCADA system, virtual machines, remote management tools, network management systems, and other systems. It then encrypts files on the machine and sends a ransom note.


Source: Bleeping Computer


“As you can see from the language in the ransom note, this ransomware specifically targets the entire network rather than individual workstations. They further indicate that any decryptor that is purchased will be for the network and not individual machines, but it is too soon to tell if they would make an exception.”


The SNAKE ransomware is still being analyzed for weaknesses.