GermanWiper ransomware hits Germany hard, destroys files, asks for ransom
A destructive ransomware campaign is targeting users in Germany and to a lesser extent in other German-speaking countries. The ransomware, dubbed GermanWiper, is distributed via malicious emails (malspam) and as the name implies, it doesn’t encrypt files on infected systems, but permanently destroys them by rewriting the content with zeroes.
While GermanWiper displays a ransom note, the damage it does to files is irreversible, meaning that victims who pay up will not get their files back. The ransomware was first spotted on July 30 and has been spreading ever since.