PS5 details: Is there a risk that hackers will exploit them?
inet infosec

PS5 details: Is there a risk that hackers will exploit them?

Sony's game developer and creator, Mark Cerny, gave some details about the new PS5 console. In one...
Read More
infosec

Cisco warns of vulnerabilities in 9000 series routers

Cisco has released 31 security tips this week, but has focused users on "critical" patches for ...
Read More
infosec

HP: Adds the Sure Sense malware blocker to its new devices

HP announced a series of updates and new features for PCs, as well as the official HP release ...
Read More
infosec

Covering vacancies in hacker security

Incidents of online attacks are increasing day by day. Previously no such attention was paid. After the incident with the ...
Read More
infosec

Oracle: New Critical Patch Update fixes 297 vulnerabilities

Oracle releases a collection of patches for multiple critical security vulnerabilities. The update contains 297 new security fixes ...
Read More
Latest Posts

Gandcrab 5.2 ransomware: Spread through phishing emails about a new influenza pandemic

New malware campaign spreads through email distributing a known variant of the notorious ransomwareGandcrab v5.2. Malicious activity was first detected about a week ago and was announced by MyOnlineSecurity.

The hackers they use false CDC emails that provide users with information about a new influenza pandemic that has recently spread. Criminals pretend to be among the Centers for Disease Control and Prevention to make fraud a true one.

Gandcrab

The false message comes with address line »Centers for disease control and prevention"(Centers for Disease Control and Prevention) and topic "Flu pandemic warning ». People are asked to open the document attached to the message. According to the sender, this will prevent the further spread of influenza. However, those who are careful enough will notice that the E-mail does not come from CDC but by Peter@eatpraynope.com.

The fake email contains the following text:

ransomware

Additionally, users start it Gandcrab v5.2 opening the malicious "Flu pandemic warning.doc" and editing the viewing mode. Then, the ransomware is downloaded from the file hxxp: //205.185.125.109/samanta.exe and the malicious load is transferred to the envelope C: \\ Windows \\ Temp on the Windows machine.

After that, the file encryption virus will launch its unique encryption algorithm and begin to locks the files by adding a random extension in each document. For example,encrypted data may seem to be picture.jpg.UGHTRR or picture.jpg.YRSTN etc. A ransom message is continuously displayed, which also includes the extension of the files in its name: UGHTRR-MANUAL.txt.

Great attention to emails you will receive!

Do you have an opinion? Leave your comment.

The author allows you to copy his / her text only if you report the source (SecNews.gr), as an e-mail address (Live URL) of the article.
Updated on by

Reader Interactions

Leave a reply

Your email address is not published. Τα υποχρεωτικά πεδία σημειώνονται με *