CryptoWire with Decryption Key Included
released on 2024-03-19 @ 01:05:32 PM
A recent analysis found that CryptoWire ransomware, which was prevalent in 2018, is being distributed. The malware spreads via phishing emails and uses AutoIt scripting. It maintains persistence by registering a scheduled task. It searches local and network drives to widen the scope of encryption, and it deletes shadow copies to prevent recovery. Encrypted files are given the extension .encrypted. Some variants include the decryption key, while others send the key to a command server. Users should keep antivirus software updated and avoid opening suspicious files.