Yesterday, ProofPoint posted about their discovery of a new ransomware called Serpent that is being distributed via SPAM emails. It was further determined that this ransomware appears to be a new variant of the HadesLocker and Wildfire ransomware family. Below I have given a brief recap of the distribution methods discovered by ProofPoint as well as detailed information on what I have learned about how Serpent runs based on its source code. Unfortunately, at this time there is no way to decrypt files encrypted by the Serpent Ransomware.
View full story
ORIGINAL SOURCE: Bleeping Computer