As dastardly as this ransomware is, the silver lining in all this is that the affected person would still need to manually log in to Windows Safe Mode before the encryption can occur, and that alone could tip off the victim to the ransomware’s actions.
Of course, it should surprise no one that this isn’t the first time REvil has been cast into the spotlight. Last month, the hacker collective claimed responsibility for attacking the Taiwanese tech brand, Acer, and holding their servers hostage to the tune of US$50 million (~RM206 million).
In addition to the attack, the group also warned victims that it would not think twice about launching DDoS attacks on them or email their business partners about their activities. Should they choose not to pay the ransom.