Users of the Swiss company's end-to-end encrypted email and VPN services probably don't expect to be extorted for their patronage, but hackers are nevertheless trying the ruse.
Bleeping Computer explains:
A recent variant of the GarrantyDecrypt ransomware has been found that pretends to be from the security team for Proton Technologies, the company behind ProtonMail and ProtonVPN.
This ransomware family was found by ransomware researcher Michael Gillespie in October 2018 and while it has never achieved a large-scale distribution like other ransomware, it has seen a steady trickle of victims since it has been released.
From the submissions to ID-Ransomware, you can see a steady stream of users users submitting ransom notes or encrypted files to the service.