Just Because It Claims to Be Ransomware…

Or why you shouldn’t pay ransom, and why you should have backups. Destructive Ordinypt Malware Hitting Germany in New Spam Campaign.

A new spam campaign is underway that pretends to be a job application from “Eva Richter” who is sending her photo and resume. This resume, though, is actually an executable masquerading as a PDF file that destroys a victim’s files by installing the Ordinypt Wiper.

It masquerades as ransomware, and demands a ransom, but even if you pay, the files have been overwritten with garbage, NOT encrypted. You won’t/can’t get them back.

So do you have those multiple backups? Are some of the them offline? How would you recover?

2 thoughts on “Just Because It Claims to Be Ransomware…

  1. Several of my email accounts were pwned and I sometimes get bitcoin ransom emails: “Dear sir, I have video of you being naughty on the internet, pay me or I send the video to your contacts……….”
    Have to wonder how many people fall for it (or is there naughty video of me on the internet that I don’t know about?)

    Liked by 1 person

    • IF nobody responded, they would get bored and stop doing it. But they get a small positive percentage.

      Of course now they are hacking webcams, so they can actually show you a 10 second blip of you on the computer…. One of many reasons I don’t have a web cam.


Comments are closed.