Snatch ransomware reboots PCs into safe mode to get around security tools



A new strain of the Snatch ransomware, which reboots the computers it infects into Safe Mode in order to bypass security solutions, has been discovered by security researchers from the Sophos Managed Threat Response team and SophosLabs.

By making the infected Windows devices boot into Safe Mode, the ransomware is able to encrypt victim’s files since most security tools are automatically disabled in Safe Mode.



Source link

LEAVE A REPLY

Please enter your comment!
Please enter your name here