Pokémon Go for Windows with Ransomware – installs a backdoor account and spreads to other drives

When installed, the Pokémon Go for Windows ransomware creates a hidden user account called "Hack3r" and adds it to the Administrators group. The account is kept off the Windows logon screen by this registry value:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList "Hack3r" = 0
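One way to audit a host for accounts hidden through the SpecialAccounts\UserList key, as an added example that is not part of the original post. The function name Get-HiddenLogonAccount is hypothetical, and the script assumes Windows PowerShell 5.1 or later with the built-in LocalAccounts cmdlets, run from an elevated prompt.

```powershell
# Added example: list accounts hidden from the logon screen and flag local administrators.
$UserListKey = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\SpecialAccounts\UserList'

function Get-HiddenLogonAccount {
    param([string]$Path = $UserListKey)

    # If the key does not exist, no account is hidden through this mechanism.
    if (-not (Test-Path -LiteralPath $Path)) { return }

    # Resolve the Administrators group by its well-known SID so the check
    # also works on localized Windows installations.
    $admins = @()
    try {
        $admins = @(Get-LocalGroupMember -SID 'S-1-5-32-544' -ErrorAction Stop |
            ForEach-Object { ($_.Name -split '\\')[-1] })
    } catch {
        Write-Warning "Could not read Administrators group membership: $_"
    }

    $item = Get-Item -LiteralPath $Path
    foreach ($name in $item.GetValueNames()) {
        # Only a value of 0 hides the account; 1 shows it explicitly.
        if ($item.GetValue($name) -ne 0) { continue }

        $user = Get-LocalUser -Name $name -ErrorAction SilentlyContinue
        [pscustomobject]@{
            Account       = $name
            Exists        = [bool]$user
            Enabled       = if ($user) { $user.Enabled } else { $null }
            Administrator = $admins -contains $name   # case-insensitive match
        }
    }
}

# A hidden, enabled account with Administrator = True (such as "Hack3r") needs investigation.
Get-HiddenLogonAccount | Sort-Object Administrator -Descending | Format-Table -AutoSize
```

Some legitimate software also hides service accounts this way, so treat each result as a lead to verify rather than a confirmed compromise.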
