Rapid 2.0 Ransomware Released, Will Not Encrypt Data on PCs with Russian Locale
Precisely two months on the day since the release of its first version , the group behind the Rapid ransomware strain has released v2.0. This new version has not suffered any major modifications compared to its previous release, but small changes have occurred. The biggest is the addition of a code routine that detects the user's PC locale settings before launching encryption operations. If the user has locale settings set to Russian, the ransomware will not encrypt files. Second, the ransomware now adds a randomly generated string as the file extension at the end of encrypted files. Version 1.0 used ".rapid", which allowed victims to easily detect what ransomware strain had infected their PCs. But users now can detect they've been infected with Rapid 2.0 because the ransom note says so right at the top. The ransom note also uses different wording, compared to v1.0. Rapid 2.0 still relies on asking victims to get in contact with the ransomw...