Researchers at cyber security firm Coveware have uncovered a new ransomware campaign in which threat actors try to manipulate victims into paying ransom to regain access to their files, by claiming the money will be donated to charity.
The ransomware used in the campaign is CryptoMix, a relatively unknown file-encrypting malware strain dating back to 2016. Like in many other ransomware campaigns, the threat actors gain access to targeted systems by brute-forcing poorly secured RDP ports.