Hackers have launched a massive phishing campaign to exploit the fear generated by the Cryptolocker ransomware. A spam email campaign, discovered by BullGuard, has just been detected that offers decryption keys for Cryptolocker.
The email says a ‘tool’ can be downloaded that it claims will unlock any files encrypted by Cryptolocker. However, the so called decryption tool is in fact malware.
Cryptolocker encryption is so tough that even some of the world’s most powerful computers can’t crack its code, much less a spurious tool sent in an email.
If somebody downloads the ‘tool’ a registry cleaner is installed in the computer which then falsely tells the user they have lots of registry problems. And of course, the only way these so-called ‘problems’ can be remedied is by buying the product the scammers are offering. This is clearly an attempt to exploit the news coverage of both Cryptolocker and GameOver Zeus.
It plays on people’s fears that their computers will become infected by this malware. However, it’s simply an unprincipled bid to get people to pay for and download something that is not required and which could actually cause damage.
Raluca Stanciu, malware researcher, BullGuard, who identified the phishing campaign said: “Cyber criminals have been quick off the mark following the widespread media coverage around Cryptolocker and GameOver Zeus.
“They’re trying to exploit fear and uncertainty. As a rule, unsolicited emails like this should be ignored. But that said, we can expect to see more similar-themed emails in the coming weeks.”
Malware creators and hackers will piggyback on all sorts of events in an attempt to infect people’s computers and steal their personal details such as credit card numbers. This sort of information is currency and every day it is traded on the deep web, with details being bought and sold to carry out fraud.”