MountLocker ransomware received an update recently that cut its size by half but preserves a weakness that could potentially allow learning the random key used to encrypt files.
This ransomware operation started in July 2020, and it targets corporate networks. Its operators steal data before encrypting it and threaten victims to leak files unless their multi-million dollar ransom demands are met.
In the second half of November, the second version, malware researchers saw the second version of MountLocker in the wild with clues that its operators are preparing for the tax season.
Source: Bleeping Computer