Ransomware email attachment demands Bitcoin payments

Status
Not open for further replies.

BoraMurdar

Community Manager
Thread author
Verified
Staff Member
Well-known
Aug 30, 2012
6,598


An email attachment seemingly sent from financial institutions could threaten millions of users, particularly those in the UK.

The legitimate-looking email installs ransomware “Cryptolocker” after an attachment is opened, immediately encrypting files. It also unleashes a bogus countdown timer designed to force panicked users to pay immediately. According to the BBC, users are ordered to pay two Bitcoins, or around US$1233, to have the files supposedly unencrypted and restored.

However, the NCA says ransom payments are not endorsed as there is no evidence that files will be unencrypted after complying. Deputy head of the National Cyber Crime unit Lee Miles says the criminals are targeting small to medium businesses and must be stopped.

This is not the first time a ransom virus has threatened PC users. Earlier this year, the notorious FBI ransomware locked out users of their devices until a ransom was paid. Although the earlier form of malware is still widespread, Cryptolocker could pose an even greater danger in the long term.

Be wary of emails even if they appear to come from trusted sources. Readers are also advised to scan files with a trusted and updated anti-virus program. Anyone affected by this malware should report it to local authorities immediately.

VIA NEOWIN
 

Gnosis

Level 5
Apr 26, 2011
2,779
I would love to see how my paranoid behavior blocker setup would handle various ransomware. I injected much code, and it is as paranoid as it gets. It took me a month of daily PC usage to dial it in where it leaves me alone unless I download new software.
 

Gnosis

Level 5
Apr 26, 2011
2,779
@Gnosis

Please send me a PM or post a request in Malware Requests if you need new ransomware samples.

LOL
This thing is so old it might as well be a test machine. :)
 

ttrobert

New Member
Verified
Aug 11, 2013
16
Important Data Encrypted and $300 "Ransom" Extorted by Hackers

Since its emergence this year, Ransomlock malware has been a cause for concern. According to Baidu Antivirus security experts, the Baidu Antivirus Cloud Engine has detected that some users still face this threat. These users cannot take this threat lightly. This virus primarily spreads through email and begins its work after a user inadvertently opens a malicious attachment. Rather than making it impossible to use the computer, the virus encrypts important files on the user's computer. Then, it warns users that they must pay $300 to decrypt their files. If they are unwilling to pay within the specified period, the extortionists will commit "murder" by permanently deleting the decryption key.



Ransomlock searches for 67 file types to target for advanced encryption, including the Office files (e.g. doc, xls, ppt) commonly used by companies, the AutoCAD and Adobe files (e.g. dwg, psd) often used by design engineers, the original files for photos (e.g. RAW) saved from a digital camera, and even database files (e.g. mdb). From the types of files infected, it is clear that the extortionists mainly target users holding important data (e.g. financial statements, designs) and users that use a digital camera to record important life events (e.g. pictures of their children or honeymoon). After losing their data, it is very possible that these types of users will pay the demanded ransom. This will increase the arrogance of the extortionists and lead them to make higher demands in the future. Therefore, we recommend that users with important files take the time to back them up. The above findings are based on Baidu Antivirus security experts' analysis.



Ransomlock primarily spreads through email. Therefore, extreme caution is required when opening email attachments, especially when the file extension indicates an executable program. Currently, Baidu Antivirus can defend against the multiple variations of Ransomlock. Users can download the latest version of Baidu Antivirus to ensure their computer's security.



Welcome to follow us:
Skype: baiduantivirus@hotmail.com
Facebook: https://www.facebook.com/BaiduAntivirusEN
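
Added example, not part of any post in this thread and not Baidu's code: the posts above describe delivery through email attachments whose extension indicates an executable, so this sketch shows a mail-gateway style check that flags such attachments, including double extensions and executables inside ZIP archives. The extension blocklist, function names and sample message are assumptions constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

# Extensions Windows treats as directly runnable (assumed blocklist, not from the thread).
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd", ".js", ".vbs", ".jar"}

def risky_name(name):
    """True when the final extension, the one the OS acts on, is executable."""
    name = name.strip().rstrip(". ").lower()   # Windows drops trailing dots/spaces
    dot = name.rfind(".")
    return dot != -1 and name[dot:] in EXECUTABLE_EXTS

def scan_message(raw_bytes):
    """Return findings for executable attachments, including ZIP members."""
    msg = message_from_bytes(raw_bytes, policy=policy.default)
    findings = []
    for part in msg.iter_attachments():
        fname = part.get_filename() or ""
        if risky_name(fname):
            findings.append(fname)
        elif fname.lower().endswith(".zip"):
            data = part.get_payload(decode=True)
            try:
                with zipfile.ZipFile(io.BytesIO(data)) as zf:
                    findings += [f"{fname}!{m}" for m in zf.namelist() if risky_name(m)]
            except zipfile.BadZipFile:
                findings.append(f"{fname} (unreadable archive)")
    return findings

def build_sample():
    """Constructed test message: one benign PDF, one double-extension file, one ZIP."""
    msg = EmailMessage()
    msg["From"], msg["To"], msg["Subject"] = "billing@bank.example", "user@corp.example", "Statement"
    msg.set_content("Please see attached.")
    msg.add_attachment(b"%PDF-1.4", maintype="application", subtype="pdf", filename="statement.pdf")
    msg.add_attachment(b"MZ", maintype="application", subtype="octet-stream", filename="invoice.pdf.exe")
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("scan_001.pdf.scr", b"MZ")
        zf.writestr("readme.txt", b"hello")
    msg.add_attachment(buf.getvalue(), maintype="application", subtype="zip", filename="docs.zip")
    return msg.as_bytes()

if __name__ == "__main__":
    for finding in scan_message(build_sample()):
        print("BLOCK:", finding)
```

The check keys on the last extension only, so `invoice.pdf.exe` is caught while `statement.pdf` passes; a gateway would quarantine any message with a non-empty findings list.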
 