The Microsoft Threat Intelligence Center (MSTIC) has identified evidence of a novel ransomware campaign targeting organizations in the transportation and related logistics industries in Ukraine and Poland utilizing a previously unidentified ransomware payload.
Earlier this month, MSTIC observed a new type of ransomware threat that uses a novel password-based encryption/decryption technique. The malware has been named “Prestige” ransomware.
Prestige is distributed as an emailed document (with a .doc extension) that contains macro code and uses “Prestige” as the password to decrypt an encrypted file.
It is also interesting to note that Prestige was distributed alongside two other variants of the same ransomware family, but with passwords different from the one named above.
The two other variants of Prestige are named “Baltic” and “Belarus”, and both share similar macros for decrypting files.
The idea of using passwords to decrypt the files is new, and it is likely that Prestige was deployed for the first time in this campaign.