actually, right after I posted a coworker sent me this:
"This is the first time we’ve seen a ransomware strain use a popular third-party tool to speed up the encryption process. The Everything search tool doesn’t even need to be installed on a victim’s machine, as it’s included in the malicious executable used to infect a PC with Mimic in the first place."
- https://www.tomsguide.com/news/new-mimi ... age-faster
So looks like a patch doesn't even matter in this case.
Mimic Ransomware Vulnerability
Re: Mimic Ransomware Vulnerability
(An earlier thread) Ransomware Attack Vector
Re: Mimic Ransomware Vulnerability
See also: FYI:New Mimic ransomware abuses ‘Everything’ Windows search tool
Not the first time btw: CryptoXXX and Everything decryptoperator@qq.com (April 2020) and CryptoXXX and Everything decryptoperator@qq.com (April 2019)
Everything itself is not infected; it is just being used as an advanced "dir command" to list files and folders.
Not the first time btw: CryptoXXX and Everything decryptoperator@qq.com (April 2020) and CryptoXXX and Everything decryptoperator@qq.com (April 2019)
Everything itself is not infected; it is just being used as an advanced "dir command" to list files and folders.