ShadowRoot Ransomware Targeting Turkish Businesses

Post author:MiamiCrypto
Post published:July 12, 2024
Post category:Uncategorized

Our X-Labs team’s research seems to have discovered and identified basic ransomware targeting Turkish businesses. The attack vector initiates through a PDF attachment disseminated via suspicious emails originating from the “internet[.]ru” domain. The embedded links within the PDF facilitate the download of a subsequent stage exe payload upon user interaction. It encrypts files with “.shadowroot” extension. Currently, ransomware is actively…

You Might Also Like

Spot ETH ETFs bleed $1B in 6-day outflow streak as rate-cut optimism fades

Binance helps countries with Bitcoin reserves, crypto policies, says CEO

BlackRock’s Bitcoin ETF futures debut in Moscow as fund hits top 25