🚨 MountLocker ransomware new tactics 🚨

🚨 MountLocker ransomware new tactics 🚨
Userlevel 5
Badge +3
  • Community Manager
  • 25 replies

The MountLocker ransomware operation now uses enterprise Windows Active Directory APIs to worm through networks. MountLocker started operating in July 2020 as a Ransomware-as-a-Service (RaaS) where developers are in charge of programming the ransomware software and payment site, and affiliates are recruited to hack businesses and encrypt their devices. As part of this arrangement, the MountLocker core team receives a smaller cut of 20-30% of a ransom payment, while the affiliate gets the rest.

0 replies

Be the first to reply!