Give me all your money -- yet more ransomware found in the wild
The online community has been living under the threat of ransomware for sometime now -- it feels like dwelling near Mordor. While many of you reading this are likely too savvy to fall for these tricks, there are people who do, which is why scammers stay in business. Now a new threat arises to go after people's hard earned money.
Security firm Doctor Web reports that a mass of spam emails have recently been detected. This latest threat comes in the guise of "Incoming fax report". The so-called report contains a ZIP file which disguises an SCR, or Windows executable file. It's been tagged as Trojan.DownLoader11.32458.
Extract the file and it will ruin your day, as it launches Trojan.Encoder.514 -- a nondescript name that translates to "Your data belongs to us. Pay up". Doctor Web explains "Files affected by Trojan.Encoder.514 do not have their filename extension changed, but get the string '!crypted!' appended at the beginning of their names. During the encryption process, the malware creates temporary files with the extension *.cry which are later deleted".
The news gets worse from there. While this attack is detectable by security software, those who still fall for it are out of either luck or money -- really both. There is no current method of decrypting files without paying the ransom.
This all circles back to the same precautions always preached -- don't open email attachments from unknown senders. In fact, even if it is someone you know then verify that they really did send it and haven't had their email account compromised.
Photo Credit: grafvision/Shutterstock