Share Blog post
Although the encryption method is pretty same as Cryptomix, there are some slight differences. The ransom note is still named _HELP_INSTRUCTION.TXT, but now it uses the email@example.com email for a victim to contact for payment information.
Recently, a new malware has been discovered, which is dubbed as French Retis. It is a .NET ransomware which stealthily infiltrates the system. When infiltrated, it will first target the victim's Desktop, Documents, and Pictures folder for encryption. After encrypting those folders, it will target the rest of the drives on the computer.
Posted on: December 29, 2017
Get the Daily Threat Briefing delivered to your email!
More from Cyware
Stay updated on the security threat landscape and technology innovations at Cyware with our threat intelligence briefings and blogs.
Explore Industry Briefs
Cyware for Enterprise
Adopt next-gen security with threat intelligence analysis, security automation...
Cyware for ISACs/ISAOs
Anticipate, prevent, and respond to threats through bi-directional threat in...