ShadowRoot Ransomware Targeting Turkish Businesses

Post author:MiamiCrypto
Post published:July 12, 2024
Post category:Uncategorized

Our X-Labs team’s research seems to have discovered and identified basic ransomware targeting Turkish businesses. The attack vector initiates through a PDF attachment disseminated via suspicious emails originating from the “internet[.]ru” domain. The embedded links within the PDF facilitate the download of a subsequent stage exe payload upon user interaction. It encrypts files with “.shadowroot” extension. Currently, ransomware is actively…

You Might Also Like

Crypto Biz: Peter Thiel eyes the SVB throne

​​US House adds CBDC ban to massive defense policy bill

Bitcoin’s all-time high gains vanished hours later: Here’s why

US House adds CBDC ban to massive defense policy bill