A ransomware posing as a virtual machine

Four months ago, SOC Prime a Peerlist partner, wrote an excellent article on Ragnar Locker and the havoc wrought by this nasty virus.

It appears that the bad guys behind this ransomware have made some sophistication on the way you can get it. In order to lure its future victims it appears that the tech team gave it a specificity to deploy as a virtual machine on the targeted machine.

The giant Portuguese energy supplier EDP paid the price and had 1O TB of sensitive data stolen. Some more details here …