New ransomware spreading by emails
Posted by: Timothy Weaver on 01/27/2015 11:07 AM
[
Comments
]
The latest crypto-ransomware is being spread through emails. It has been named of Trojan.DownLoad3.35539, and appears in a message as a ZIP file with hopes that unsuspecting recipients will launch it. Russian security firm Dr. Web reports that "The archive contains an SCR file -- by default, the .scr extension is utilized for Windows screen savers.
Once clicked on, the malware extracts an RTF document from its body, saves it onto the hard drive and displays it on the screen". When this occurs the file downloads the encryption program from the criminal's server. The money must be coughed up within 96 hours, and a helpful NASA-like countdown clock ticks the moments until doom.
According to Dr. Web, the ransomware makes use of CryptoAPI to generate random data as well as elliptic curve cryptography which for now makes it impossible to recover the affected data".
Again, the best warning is to not click on suspicious files in emails, even if from what appears to be a friend.
Once clicked on, the malware extracts an RTF document from its body, saves it onto the hard drive and displays it on the screen". When this occurs the file downloads the encryption program from the criminal's server. The money must be coughed up within 96 hours, and a helpful NASA-like countdown clock ticks the moments until doom.
According to Dr. Web, the ransomware makes use of CryptoAPI to generate random data as well as elliptic curve cryptography which for now makes it impossible to recover the affected data".
Again, the best warning is to not click on suspicious files in emails, even if from what appears to be a friend.
Comments
