A ransomware infection can affect both home users and business organizations. It can result in financial losses if you pay the attacker in an effort to preserve your data, a disruption of normal business operations and brand reputation, and most importantly, the possibly permanent loss of important, sensitive, and critical data – all of which can negatively impact business productivity. Attackers may either be a well-organized cybercrime organizations, using their own infrastructure to target their victims, or a single person working on their own. A single attacker is more likely to buy off-the-shelf malware or modify a piece of code they find to create a new one. Once the attacker has created the ransomware, they only need to find a delivery mechanism to spread it and infect users.
We look at a new CrypVault ransomware variant called LovxCrypt that we recently uncovered being spammed as an email attachment.
Just like any other malware, this one arrives as an attachment to spammed emails with a fake “Resume” theme. The attachment is a zip file which then contains a file with a .CHM extension. We have seen this kind of spammed email format and social engineering trick many times before. Despite the frequency of this method of attack, users still fall for it on a regular basis, which (Read more...)
This is a Security Bloggers Network syndicated blog post authored by Cylance Threat Guidance Team. Read the original post at: Cylance Blog