Custom Backdoor "Betruger" Linked to RansomHub Affiliate Discovered by Symantec

Researchers at Symantec have discovered a custom backdoor, named Betruger, used in recent ransomware attacks. This backdoor is linked to an affiliate of the RansomHub operation. Betruger combines several functions into a single tool to minimize detection, including the ability to capture screenshots. The Threat Hunter team at Symantec identified this backdoor, which was specifically designed for ransomware attacks.