Alex Balan, Head of Product Management, BullGuard, describes the threat.
Hackers have launched a massive phishing campaign to exploit the fear generated by the Cryptolocker ransomware. A spam email campaign, discovered by BullGuard, has just been detected that offers decryption keys for Cryptolocker.
The email says a ‘tool’ can be downloaded that it claims will unlock any files encrypted by Cryptolocker. However, the so called decryption tool is in fact malware.
Cryptolocker encryption is so tough that even some of the world’s most powerful computers can’t crack its code, much less a spurious tool sent in an email.
If somebody downloads the ‘tool’ a registry cleaner is installed in the computer which then falsely tells the user they have lots of registry problems. And of course, the only way these so-called ‘problems’ can be remedied is by buying the product the scammers are offering. This is clearly an attempt to exploit the news coverage of both Cryptolocker and GameOver Zeus.
It plays on people’s fears that their computers will become infected by this malware. However, it’s simply an unprincipled bid to get people to pay for and download something that is not required and which could actually cause damage.
Raluca Stanciu, malware researcher, BullGuard, who identified the phishing campaign said: “Cyber criminals have been quick off the mark following the widespread media coverage around Cryptolocker and GameOver Zeus.
“They’re trying to exploit fear and uncertainty. As a rule, unsolicited emails like this should be ignored. But that said, we can expect to see more similar-themed emails in the coming weeks.”
Malware creators and hackers will piggyback on all sorts of events in an attempt to infect people’s computers and steal their personal details such as credit card numbers. This sort of information is currency and every day it is traded on the deep web, with details being bought and sold to carry out fraud.”
People can protect themselves by ensuring that they have a good security suite installed that picks up malware and also backs up files.
About BullGuard:
Launched in 2002, BullGuard is one of the fastest growing antivirus and mobile security brands. Today, its product portfolio also includes award-winning antivirus, premium 24/7 protection, web-based identity and social media protection that works across all devices, as well as PC and mobile backup software solutions. BullGuard’s philosophy has always remained the same – to combine technical excellence with a genuine understanding of consumer needs, creating simple, easy-to-use products that deliver complete protection, and to enable customers to control and manage their digital footprint.
For two consecutive years (2012 and 2013), BullGuard Internet Security has won a coveted “Best Buy” award from Which?
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.