McAfee: Mounted former employees for leaking data to an opponent
infosec

McAfee: Mounted former employees for leaking data to an opponent

McAfee has sued three of her former employees, who, as they say, have stolen commercial secrets from the company to transport them ...
Read More
infosec

Six people were arrested by Europol for Bitcoin theft

According to a press release released on June 25, Europol in partnership with South West Regional Cyber ​​...
Read More
infosec

Why can not I remove Windows 7? But why should it?

As we have mentioned several times in the past, Microsoft is particularly concerned about the world's love for Windows ...
Read More
infosec

Phishing campaign infects Windows computers with two types of trojan

A new phishing campaign infects the victims with two popular trojan and hackers seem to try to target ...
Read More
infosec

Bank Trojan Riltok has also begun to locate itself in Europe

Riltok, a banking Trojan known for its activity in entities in Russia, seems to have been renewed and now has ...
Read More
Latest Posts

Gandcrab 5.2 ransomware: Spread through phishing emails about a new influenza pandemic

New malware campaign spreads through email distributing a known variant of the notorious ransomwareGandcrab v5.2. Malicious activity was first detected about a week ago and was announced by MyOnlineSecurity.

The hackers they use false CDC emails that provide users with information about a new influenza pandemic that has recently spread. Criminals pretend to be among the Centers for Disease Control and Prevention to make fraud a true one.

Gandcrab

The false message comes with address line »Centers for disease control and prevention"(Centers for Disease Control and Prevention) and topic "Flu pandemic warning ». People are asked to open the document attached to the message. According to the sender, this will prevent the further spread of influenza. However, those who are careful enough will notice that This makes it a perfect choice for people with diabetes and for those who want to lose weight or follow a balanced diet. E-mail does not come from CDC but by Peter@eatpraynope.com.

The fake email contains the following text:

ransomware

Additionally, users start it Gandcrab v5.2 opening the malicious "Flu pandemic warning.doc" and editing the viewing mode. Then, the ransomware is downloaded from the file hxxp: //205.185.125.109/samanta.exe and the malicious load is transferred to the envelope C: \\ Windows \\ Temp on the Windows machine.

After that, the file encryption virus will launch its unique encryption algorithm and begin to locks the files by adding a random extension in each document. For example,encrypted data may seem to be picture.jpg.UGHTRR or picture.jpg.YRSTN etc. A ransom message is continuously displayed, which also includes the extension of the files in its name: UGHTRR-MANUAL.txt.

Great attention to emails you will receive!

Share
Do you have an opinion? Leave your comment.

The author allows you to copy his / her text only if you report the source (SecNews.gr), as an e-mail address (Live URL) of the article.
Updated on by

Reader Interactions

Leave a reply

Your email address is not published. Τα υποχρεωτικά πεδία σημειώνονται με *