Tuesday, March 29, 2016

.surprise another ransomware

A new remote-control ransomware called Surprise has surfaced. It works from memory: another executable, held as an encrypted BASE64-encoded string, is launched to encrypt your files (except those with a $ symbol or in C:\windows or C:\programs). It then runs a delete executable to remove shadow files and provides you with a Notepad ransom note. The trend is apparently linked with the use of TeamViewer software, but the ransomware trail has reportedly gone cold, so the cause/source is unknown/unconfirmed. According to myce.com, TeamViewer rejected reports that its logs/accounts were compromised/posted or that there is a flaw within its software, since it deploys end-to-end encryption, applies botnet attack protection, etc.
Just a quick news flash... and one of many DBs of victims is at haveibeenpwned.com, for your edification.
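
A static triage heuristic for the loader behaviour described in this post, added here as an example (it is not from the original post or from any analysis of the actual sample): it scans a file image for long BASE64 runs whose decoded bytes have high entropy, which is how an embedded encrypted payload appears on disk. The function names, the 1024-character minimum run and the 7.0 bits/byte threshold are assumptions, and the sample bytes are constructed.

```python
import base64
import hashlib
import math
import re

MIN_RUN = 1024  # assumed minimum Base64 run length worth inspecting
B64_RUN = re.compile(rb"[A-Za-z0-9+/]{%d,}={0,2}" % MIN_RUN)


def shannon_entropy(data: bytes) -> float:
    """Bits of entropy per byte, from 0.0 to 8.0."""
    if not data:
        return 0.0
    counts = [0] * 256
    for byte in data:
        counts[byte] += 1
    total = len(data)
    return -sum(c / total * math.log2(c / total) for c in counts if c)


def find_encoded_blobs(image: bytes, min_entropy: float = 7.0):
    """Return (offset, decoded_len, entropy) for each long Base64 run whose
    decoded bytes are high-entropy, i.e. look encrypted or compressed."""
    hits = []
    for match in B64_RUN.finditer(image):
        run = match.group().rstrip(b"=")
        run = run[: len(run) - len(run) % 4]  # keep whole 4-char groups only
        try:
            decoded = base64.b64decode(run, validate=True)
        except ValueError:  # binascii.Error is a ValueError
            continue
        entropy = shannon_entropy(decoded)
        if entropy >= min_entropy:
            hits.append((match.start(), len(decoded), round(entropy, 2)))
    return hits


def build_sample() -> bytes:
    """Constructed test image: a benign Base64 config string plus a Base64
    blob of pseudo-random bytes standing in for an encrypted payload."""
    plain = base64.b64encode(b"config=value;" * 300)
    stream = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(96))
    payload = base64.b64encode(stream)
    return b"MZ" + b"\x00" * 62 + plain + b"\x00" * 16 + payload + b"\x00" * 16


if __name__ == "__main__":
    for offset, size, entropy in find_encoded_blobs(build_sample()):
        print(f"offset={offset} decoded={size} bytes entropy={entropy}")
```

Compressed data also decodes to high-entropy bytes, so a hit is a lead for further analysis rather than a verdict.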
