Hackers try to exploit fear of Cryptolocker with spam campaign
Recent news stories, along with the UK National Crime Agency's warning that users only have two weeks to protect their computers, have raised fears about the impact of the GameOver Zeus malware and its cousin Cryptolocker.
It's not really surprising then that the bad guys are seeking to exploit these fears. Security company BullGuard has uncovered a major new spam campaign supposedly offering Cryptolocker decryption keys.
The email urges users to download a tool that it claims can unlock any files encrypted with Cryptolocker. Of course that isn't what you get. If you download the tool it installs a registry scanner which, naturally, tells you there are lots of problems with your PC which can only be solved by purchasing the spammers' offering.
BullGuard malware researcher Raluca Stanciu says, "Cyber criminals have been quick off the mark following the widespread media coverage around Cryptolocker and GameOver Zeus. They're trying to exploit fear and uncertainty. As a rule, unsolicited emails like this should be ignored. But that said, we can expect to see more similar-themed emails in the coming weeks".
You can read more and see screen grabs of the malware on the BullGuard blog. Meantime users should keep their systems and security software up to date and be wary of too-good-to-be-true email offers.
As Stanciu warns, "Malware creators and hackers will piggyback on all sorts of events in an attempt to infect people's computers and steal their personal details such as credit card numbers. This sort of information is currency and every day it is traded on the deep web, with details being bought and sold to carry out fraud".