This is why it is Very Important to have Top Notch Security Policies in place on Your Server!
The new Snake Ransomware family sets out to target the organizations’’ corporate networks in all their entirety, written in Golang and containing a significant level of obfuscation, the observations and disclosure for the attacks were made by a group of security specialists from the MalwareHunterTeam.
The Ransomware upon successful infection subsequently erases the machine’s Shadow Volume Copies before ending different processes related to SCADA frameworks, network management solutions, virtual machines, and various other tools.
After that, it continues to encrypt the machine’s files while skirting significant Windows folders and system files. As a feature of this procedure, it affixes “EKANS” as a file marker alongside a five-character string to the file extension of each file it encrypts. The threat wraps up its encryption routine by dropping a ransom note entitled “Fix-Your-Files.txt” in the C:\Users\Public\Desktop folder, which instructs victims to contact “bapcocrypt@ctemplar.com” so as to purchase a decryption tool.
“It is clearly evident from the language in the ransom note, that this Ransomware specifically targets the entire network rather than individual workstations. Further indicating that any decryptor that is purchased will be for the network and not individual machines, but it is too soon to tell if they would make an exception.”
Nonetheless, the rise of SNAKE Ransomware highlights the critical requirement for organizations to defend themselves against a Ransomware infection.