A new Hookads malvertising campaign has been found distributing the AnteFrigus ransomware.
What is unusual?
Most ransomware targets the C: drive on Windows devices, but AnteFrigus does not. Instead, it goes after the drives associated with removable devices and mapped network drives.
“This malware does not look super sophisticated and contained a plethora of debugging symbols, source references, and test/debug location,” security researcher Vitali Kremez told Bleeping Computer.
What we know
This ransomware is distributed by malvertising campaigns that redirect potential victims to the RIG exploit kit.
What we don’t know
Because this ransomware is new, its weaknesses are not yet known. Researchers will have to uncover them to develop a decryptor.