New .DOC GlobeImposter Ransomware Variant Malspam Campaign Underway

Discussion in 'Security News' started by LASER_oneXM, Dec 22, 2017.

  1. LASER_oneXM

    LASER_oneXM Level 17
    Content Creator

    Feb 4, 2016
    847
    4,402
    university/IT
    Germany / Poland
    Windows 8.1
    Kaspersky
     
  2. Prorootect

    Prorootect Level 46

    Nov 5, 2011
    3,552
    3,708
    0wN3D by my cat!
    #2 Prorootect, Dec 23, 2017
    Last edited: Dec 23, 2017
    This is ancient story ( from April-July 2017): GlobeImposter Ransomware Support (.Crypt & .PSCrypt ext - !back_files!.html ) - Ransomware Help & Tech Support
    This ancient (so not new) story on Bleepingcomputer.com article are with recent date... so "News articleware imposter" - by omission?.. on Bleepingcomputer.com...

    For decryption, look eg. Malwarebytes blog read: Ransom.GlobeImposter: Ransom.GlobeImposter - Malwarebytes Labs
    "GlobeImposter, also known as Fake Globe, mimics the Globe ransomware variant. It is distributed through a malicious spam campaign, recognizable only with their lack of message content and an attached ZIP file. This type of spam is called a “blank slate.” GlobeImposter is also distributed via exploits and malicious advertising, fake updates, and repacked infected installers."

    "Remediation

    Malwarebytes users are already protected against the GlobeImposter ransomware."

    EDIT:
    On MT we have some ancient topics about this GlobeImposter ransomware.
    - or maybe exist a few diverse distributions of GlobeImposter ransomware?
     
    silversurfer and Der.Reisende like this.
Loading...
Similar Threads Forum Date
Video Review GlobeImposter Ransomware now adds extension ..726 - Demonstration of attack Video Reviews Aug 2, 2017
Malware Alert Crypt GlobeImposter Ransomware Distributed via Blank Slate Malspam Security News Jul 31, 2017
Special Samples GlobeImposter Ransomware - Double Action Malware Vault (Samples) Jul 23, 2017