New "Jaff" Ransomware Asks $3,150 Payment
Posted by: Timothy Weaver on 05/12/2017 12:45 PM
[
Comments
]
Using the Necurs botnet, cybercriminals are sending out 5 million emails per hour to try to spread a new form of ransomware call "Jaff".
Victims will be faced with a ransom note asking for 1.79 Bitcoins (approx $3,150) to unlock their files.
Security researchers at Forcepoint Security Lab indicate that the botnet has enslaved an estimated 6 million computers.
Malwarebytes has investigated the ransomware and says the emails come with an attached PDF file that when clicked on will open a Word document with a malicious macro script to download and execute the Jaff ransomware.
"Jaff targets 423 file extensions. It is capable of offline encryption without dependency on a command and control server. Once a file is encrypted, the '.jaff' file extension is appended," Forcepoint says.
The malware does not come with a ransom note, it instead directs victims to go to a Tor site where they are then asked for the 1.79 bitcoins in order to obtain a private decryption key.
Source: The Hacker News
Victims will be faced with a ransom note asking for 1.79 Bitcoins (approx $3,150) to unlock their files. Security researchers at Forcepoint Security Lab indicate that the botnet has enslaved an estimated 6 million computers.
Malwarebytes has investigated the ransomware and says the emails come with an attached PDF file that when clicked on will open a Word document with a malicious macro script to download and execute the Jaff ransomware.
"Jaff targets 423 file extensions. It is capable of offline encryption without dependency on a command and control server. Once a file is encrypted, the '.jaff' file extension is appended," Forcepoint says.
The malware does not come with a ransom note, it instead directs victims to go to a Tor site where they are then asked for the 1.79 bitcoins in order to obtain a private decryption key.
Source: The Hacker News
Comments
