Sophos has discovered a scary new strain of very sophisticated ransomware called MegaCortex. It was purpose-built to target corporate networks, and once a network has been penetrated, the attackers infect all of it by rolling out the ransomware to all servers and workstations, using your own Windows domain controllers.
Sophos has detected infections in the United States, Italy, Canada, France, the Netherlands, and Ireland.
This is a fairly new strain, so not all that much is known yet about how the encryption works, how they are getting in, or if ransom payments are being honored.
How MegaCortex Strikes
Sophos made an interesting additional discovery: the Emotet or Qakbot Trojans have been present on networks that have also been infected with MegaCortex, which suggests that the attackers are paying Trojan operators for access to infected systems, just as with the RYUK strain.