A new extortion Trojan is currently spreading. After an infection, it pretends to have encrypted local files and demands the usual ransom. However, paying the ransom would not help the victims, as the files are not encrypted but irretrievably destroyed.

Ordinypt is sent as an attachment to phishing mails in very good German. Target addressees are preferably employees with personnel responsibility in companies. Attached to each of these phishing emails is a zip archive, which in turn contains at least one executable disguised as a PDF. Computers with the Windows operating system are vulnerable.
SecuMail^® opens all archives and examines their contents. Disguised Windows executables are also detected. The dangerous emails are therefore reliably filtered before they reach the target mail server.

Your SecuMail Team

Other sources:
https://www.bleepingcomputer.com/news/security/ordinypt-ransomware-intentionally-destroys-files-currently-targeting-germany/
https://www.heise.de/security/meldung/Ordinypt-Erpressungstrojaner-bedroht-deutsche-Firmen-3887249.html

https://www.secumail.de