
New “Prestige” ransomware impacts organizations in Ukraine and Poland

The Microsoft Threat Intelligence Center (MSTIC) has identified evidence of a novel ransomware campaign targeting organizations in the transportation and related logistics industries in Ukraine and Poland utilizing a previously unidentified ransomware payload.

Earlier this month, MSTIC observed a new type of ransomware threat which uses a novel password encryption/decryption technique. This malware has been named “Prestige” ransomware.

Prestige is distributed via email as a document (with a .doc extension) that contains macro code and uses “Prestige” as the password to decrypt an encrypted file.

It is also interesting to note that Prestige was distributed alongside two other variants of the same ransomware family, each with a different password.

The two other variants of Prestige are named “Baltic” and “Belarus”, and both share similar macros for decrypting files.

The idea of using passwords to decrypt the files is new, and it is likely that Prestige was deployed for the first time in this campaign.

Source: New “Prestige” ransomware impacts organizations in Ukraine and Poland - AlienVault - Open Threat Exchange
