- Apr 25, 2013
- 5,355
- Content source
- http://www.net-security.org/malware_news.php?id=3008
researchers have found and analyzed a new piece of crypto-ransomware: CryptVault encrypts files, makes them look like files quarantined by an AV solution, asks for ransom and, finally, downloads info-stealer malware.
It arrives on target computers after the user has been tricked into downloading and running a malicious attachment - a Javascript file - that downloads four files: the ransomware itself, SDelete (a MS Sysinternals tool that will be used to delete files), GnuPG (legitimate open source encryption tool), and a GnuPG library file.
Full Article
It arrives on target computers after the user has been tricked into downloading and running a malicious attachment - a Javascript file - that downloads four files: the ransomware itself, SDelete (a MS Sysinternals tool that will be used to delete files), GnuPG (legitimate open source encryption tool), and a GnuPG library file.
Full Article