We recently discovered a new ransomware (Detected as RANSOM_BLACKHEART.THDBCAH), which drops and executes the legitimate tool known as AnyDesk alongside its malicious payload.  This isn’t the first time that a malware abused a similar tool. TeamViewer, a tool with more than 200 million users, was abused as by a previous ransomware that used the victim’s connections as a distribution method.

https://blog.trendmicro.com/trendlabs-security-intelligence/legitimate-application-anydesk-bundled-with-new-ransomware-variant/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Anti-MalwareBlog+%28Trendlabs+Security+Intelligence+Blog%29