Fox-IT warns for the dissemination in the Netherlands of Torrentlocker, a malwaretype files that encrypts and money required for decryption. The attackers hide the ransomware in fake track-and-trace-files of pakketvervoerders, including PostNL and DHL.
According to Fox-IT, the first reports of the Netherlands targeted attacks with new variants of the Torrentlocker malware, which is designed for Windows-based systems, Monday popped up. The security company calls the numbers of infections are now substantial but would not give precise numbers show that it has detected.
The malware is offered after the victims of a fake e-mail with a pakketmelding and a track-and-trace code. Among other things, the appearance of companies like PostNL and DHL is in the e-mails being misused. A click on a link takes the victim to a fake web site and then after the introduction of a captcha, a zip file is provided containing a pdf-like executable. This malware then begins accessible files to encrypt. The criminals behind the Torrentlocker malware requirements then bitcoin-payments for the encryption to undo. TechWorld reports that the bitcoin amount is converted to about 390 euros.
Fox-IT on his blog several instructions placed how infected systems are recognized and isolated. The company says, to examine whether they are a ontsleuteltool can build. The malware is in other forms already on many places in the world surfaced.
Comments
(118)