Strange AnteFrigus Ransomware Only Targets Specific Drives
Credit:
Bleeping Computer
A new and strange ransomware called AnteFrigus is now being distributed through malvertising that redirects users to the the RIG exploit kit. Unlike other ransomware, AnteFrigus does not target the C: drive, but only other drives commonly associated with removable devices and mapped network drives.
The RIG exploit kit uses malicious scripts hosted on attacker-owned or compromised sites that exploit vulnerabilities in Internet Explorer. If these vulnerabilities can be exploited, it will then install a payload in the visitor's machine without their knowledge.
In a new Hookads malvertising campaign discovered by exploit kit expert Mol69, the RIG exploit is now installing the AnteFrigus Ransomware on unsuspecting users.