![](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEh5XBpT8xc_OavLWCkVNUDB_dr6Ovy_2unO2Dle6wz0RewsRSvH6iWdBZt06n9B4RSb6GTlE2I7f1iXynU0f16QpAY5i7mjo3DRq416mmKcSc7cZV6rtOZJEm3WqYX-2ETu-wLurAMgoH2oYWaPvf5cEtRzV80ospiReOxXB9Oos_FGrL0-X_Cz1AZIyUxw/s16000/ShadowRoot%20Ransomware%20Via%20Weaponized%20PDF%20(1).webp)
ShadowRoot Ransomware Attacking Organizations With Weaponized PDF Documents
A rudimentary ransomware targets Turkish businesses through phishing emails with “.ru” domain sender addresses. Clicking a PDF attachment’s link triggers downloading a malicious executable from a compromised GitHub account. The executable encrypts crucial …