Privacy News Those annoying sextortion scams are redirecting users to ransomware now

[LASER_oneXM]

Content source

https://www.zdnet.com/article/those-annoying-sextortion-scams-are-redirecting-users-to-ransomware-now/

Sextortion emails take a dark turn and are now trying to infect users with the GandCrab ransomware.
... ...
...
But this week, sextortion scams took another very dangerous turn. Security researchers at Proofpoint have told ZDNet that they've seen a variation of a sextortion scam campaign that included a link at the bottom of the blackmail message [in full here].

The scammers claimed to have a video of the user pleasuring himself while visiting adult sites, and they urged the user to access the link and see for himself. But Proofpoint says that instead of a video, users received a ZIP file with a set of malicious files inside.
Users who downloaded and ran these files would be infected by the AZORult malware, which would immediately download and install the GandCrab ransomware.

Even if the user had no intention of paying the sextortion demand, curious users would still end up being held for ransom if they were careless enough to follow the link and ran the files they received.
Users who receive these types of messages are urged to ignore them. Proofpoint says this campaign has been active since December 5. More technical details and indicators of compromise about these emails and associated malware files are available in Proofpoint's report here.