The departure of GandCrab has triggered the arrival of new ransomware variants in the realm of cybersecurity. Recently, researchers have spotted SNAKE ransomware that poses a serious threat to enterprise security.
About SNAKE Ransomware
As highlighted by the MalwareHunterTeam and Vitali Kremez, a new ransomware has emerged as an active threat to the businesses. Dubbed the SNAKE ransomware, the new malware appends an ‘EKANS’ file marker in the hijacked files, which is ‘SNAKE’ when read backward.
Sharing the details of the ransomware with Bleeping Computer, Kremez revealed that the malware exhibits high obfuscation.
The ransomware contains a level of routine obfuscation not previously and typically seen coupled with the targeted approach.
In brief, after infecting a device, it removes the Shadow Volume Copies from the computer. Moreover, it also terminates various processes. This behavior is quite similar to the Clop ransomware. As stated by Bleeping Computer,
When started Snake will remove the computer’s Shadow Volume Copies and then kill numerous processes related to SCADA systems, virtual machines, industrial control systems, remote management tools, network management software, and more.
Then, the ransomware begins encrypting the data files whilst adding the file marker. Howe ..
Support the originator by clicking the read the rest link below.
