Tue. Jan 22nd, 2019

Sextortion Attacks Take a Dark Turn and Infect People With GandCrab Ransomware

One of our partners, Proofpoint reported that last week employees in the United States have been bombarded by a spam attack that pushed a double-whammy of a sextortion attempt combined with a possible ransomware infection.

On or around May 2018, there have been a number of different attacks using different versions of sextortion threats.

Hackers make a claim that they have intercepted a user’s computer data, hacked all of a victim’s online accounts, hacked the victim’s phone, or claimed to have recorded the user via his webcam while visiting adult sites.

These themes vary almost on a weekly basis, as scammers professionally test different themes and tactics to determine the best ROI. And they’ve been making money hand over fist.

But this week, sextortion scams took another dangerous turn. Security researchers at Proofpoint blogged they’ve seen a variation of a sextortion scam campaign that included a download link at the bottom of the blackmail message.

The scammers claimed to have a video of the user pleasuring himself while visiting adult sites, and they urged the user to access the link and see for himself. But Proofpoint says that instead of a video, users received a ZIP file with a set of malicious files inside.

Users who downloaded and ran these files would be infected by the AZORult malware, which would immediately download and install the GandCrab ransomware. Even if the user had no intention of paying the sextortion demand, curious users would still end up being held for ransom if they were careless enough to follow the link and ran the files they received.

You can protect your company’s email system by implementing the most effective E-mail security solution provided by Layer 7 Data Solutions along with our partner Proofpoint.

Leave a Reply

Your email address will not be published. Required fields are marked *