New ransomware avoids hitting the same victim twice

A new strain of ransomware, OphionLocker, generates a unique hardware identifier for each new infected machine so that it can avoid hitting the same victim twice, according to new research from KnowBe4, a Florida-based security awareness training firm.

“This we have not seen before,” said KnowBe4 CEO Stu Sjouwerman, who suggested that the crooks have a brand reputation to maintain.

If the ransomware attacked the same machine twice, re-encrypting already encrypted files, they might not be able to recover the data.

“The ransomware people are very focused on their customer service,” he said. “It’s in their best interest that word get out that if you pay, you will get your files back.”

To read this article in full or to leave a comment, please click here