EDA2-derived ‘Surprise’ Ransomware

David Bisson describes Ransomware Propagation Tied to TeamViewer Account (UPDATED) for Tripwire. Here’s a thread on Bleeping Computer that seems to have been sparked by an early victim. Lawrence Abrams states that the malware is based on the much-abused EDA2 PoC. Analysis of all the reported cases seems to have pointed to the presence of TeamViewer on all affected systems and the implication of a specific TeamViewer account in a number of cases. Axel Schmidt, PR Manager at Teamviewer, is quoted as saying:

…none of the reports currently circulating hint at a structural deficit or a security glitch of TeamViewer.

David Harley


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.