HDDCryptor Ransomware Returns to Encrypt Disk and Network Files
released on 2019-09-23 @ 09:29:29 AM
A new variant of HDDCryptor aka Mamba (detected by Trend Micro as Ransom.Win64.MCRYPT.SMB) was uncovered recently. The ransomware has been known to use DiskCryptor to encrypt disk and network files and overwrite the Master Boot Record (MBR). Iterations of the ransomware were previously seen in attacks against the San Francisco Municipal Transport Agency (SFMTA) in 2016 and a number of victims in Brazil and Saudi Arabia in 2017.