What is the issue?
A security researcher who goes under the name ‘Mol69’ spotted a new malvertising campaign that distributes the Nemty ransomware via the RIG exploit kit (EK).
The big picture
The operators of Nemty ransomware are targeting outdated vulnerable systems with exploit kits in order to distribute their ransomware.
The security researcher who spotted the ransomware sample, tested it in an AnyRun test environment that records the entire infection process and the encryption process. Mol69 noted that this complete process took over 10 minutes to finish.
“#Malvertising -> #RIGEK -> #NEMTY (#Ransomware)
https://app[.]any[.]run/tasks/c4c56bb5-0e57-43b7-9... …,” Mol69 tweeted.