Beware the Ransomware-Laden Romantic Email

Be careful: that romantic email from an unknown suitor could end up grabbing your data.

So say cybersecurity researchers at the Mimecast Threat Labs, who warned the public this week that random emails offering gifts, flowers or other friendly gestures may contain infectious links designed to put a pox on your computer: the GandCrab ransomware virus, to be specific.

CTIs (computer-transmitted infections) can also be borne in fake e-greetings (“Hi!”), fake surveys (who doesn’t love those?), fake Valentine’s Day or romance-y “groupon” offers, malicious dating apps (who thought those could get worse?) or links to dating sites that have already been turned by hackers.

Once tripped, the infection quickly turns that new relationship sour when it “encrypts the files of the victim, and changes the file extensions…” followed by a ransom note suddenly appearing, “at the top of the victim’s desktop.”

GandCrab creeps thereafter evaluate the salacious quality of one’s data to set the price: “There can be large monetary differences in the ransoms between two different victims based on the value of the data.”

Data-ransomers, however, are very considerate in offering several different crypto ransom payment options, including Bitcoin or DASH.

They’ll even “walk you through” ransom payment steps:

“Paying the ransom is made as easy as possible for the victims, as the URL from the text file walks them through paying with cryptocurrency in a simple manner.”

These easy ransom payments are a real win-win prospect, says Mimecast:

“This leads to increased profits from vulnerable victims and those who are willing to pay the price of getting their files back in the quickest and easiest manner possible.”

This campaign evidently does not find Russians “sexy,” however:

“Features of the campaign include the ability to detect Russian victims (and stop the infection if they have a Russian-configured keyboard) and individual ransom notes. This signals these campaigns are specifically designed to not target Russian users.”

In the 21st century, intriguing emails from unknown senders, dear reader, should be approached with caution.
