has anyone heard of this ransomware or is this new? we are currently recovering from backups of the files but want to find our more about this.
Email in the txt file decypt_your_files.html is "firstname.lastname@example.org"
We also had a issue where it looks like whoever or whatever created this ransomware was able to hijack our clients PC and then from that 1 PC was able to remote into other desktops in the office.
This is a first I ever seen a ransomware or a virus take over another desktop from 1 PC (they remote or logged into the patient zero desktop, machine infects all files + server with .remind encrypt and then using RDP remoted into another desktop in the office which had a simple password and kept logging into that machine until we reset the password).
here is a link of the screenshot of the .html file: http://imgur.com/gV6i5SN
Edited by quietman7, 05 June 2016 - 04:40 PM.