The ransomware, which has been named very sarcastically, Robin Hood wreaks havoc not only with files, but also in city budgets. Cities that have been attacked and have paid a hefty ransom amount were Baltimore, Maryland and Greenville, North Carolina. The ransom notes make it very clear that other methods of data recovery besides paying the ransom make no sense. Do you have a similar opinion? I instead think that there is always a way out, rather than paying taxpayers’ money to fraudsters.
How it works :
“Once the attacker gets sufficient access to the system, researchers have found that in some cases they are introducing the vulnerable Gigabyte kernel driver. This driver is signed by the motherboard manufacturer and will be accepted by Windows due to the digital signature. But the driver has a long-term vulnerability on CVE-2018-19320, which allows a local attacker to take full control of the affected system. “
https://blog.malwarebytes.com/threat-spotlight/2020/02/threat-spotlight-robbinhood-ransomware-takes-the-drivers-seat/?web_view=true