The Latest in IT Security

Snatch Team Steals Data and Hammers Orgs with Ransomware

10
Dec
2019
Snatch Team Steals Data and Hammers Orgs with Ransomware

image credit: flickr

A fresh ransomware variant known as “Snatch” has been spotted in campaigns, forcing Windows machines to reboot into Safe Mode before beginning the encryption process. It’s one of multiple components of a malware constellation being used in carefully orchestrated attacks that also feature rampant data collection.

According to researchers with SophosLabs, Snatch runs itself in an elevated permissions mode, and sets registry keys that instruct Windows to run it following a Safe Mode reboot.

“It the quickly reboots the computer into Safe Mode, and in the rarefied Safe Mode environment, where most software (including security software) doesn’t run, Snatch encrypts the victims’ hard drives,” explained Andrew Brandt, SophosLabs researcher, in a Monday posting.

Read More

Comments are closed.

Categories

WEDNESDAY, JANUARY 22, 2020
WHITE PAPERS

Mission-Critical Broadband – Why Governments Should Partner with Commercial Operators:
Many governments embrace mobile network operator (MNO) networks as ...

ARA at Scale: How to Choose a Solution That Grows With Your Needs:
Application release automation (ARA) tools enable best practices in...

The Multi-Model Database:
Part of the “new normal” where data and cloud applications are ...

Featured

Archives

Latest Comments