Modified Encryption Trojan DXXD is Active!

Heise online provides information about the modification of the encryption Trojan DXXD.

Thanks to a provided decryption tool, there had been put a spoke in the wheel of the DXXD ransomware developers. Thanks to this tool, it was possible to restore affected files without having to pay the demanded “ransom money”. Now, DXXD has been changed, making the "rescue tool” unusable.

Companies are recommended to take a close look at the members of their Remote Desktop Users groups, as well in the domain as on their local servers, and clean them up, if necessary.

Please contact us, if you need any assistance.