Play Ransomware Group Adds Two New Tools to Harvest More Data


Two new specialised tools are being used by the Play ransomware organisation to bolster its assaults and efficiently gather data from systems that are being attacked. The programmes, known as Grixba and Volume Shadow Copy Service (VSS), are simple to deploy on infected systems because they have no dependencies.

Both tools, which are created in the Costura.NET programming language, are designed to enable threat actors become more effective by enabling them to perform more destructive actions. A network scanner and information thief called Grixba is used to count the computers and users on a compromised network.

Read More…