Keep up to date with latest blog posts
Snatch ransomware is a stealthy malware that utilizes publicly available and built-in tools for its malicious activities. Since Windows does not often run endpoint protection mechanisms in Safe Mode, Snatch ransomware avoids detection by forcing infected hosts to reboot into Safe Mode. The Snatch ransomware group uses the double extortion method; accordingly, the payload is made of ransomware and data stealer components. Threat actors use automated brute-force attacks against vulnerable applications in the target organizations. Also, the Snatch ransomware operators also use their affiliate partners to gain initial access to corporate networks.