Sextortion Email Scandal Forces Payment Via Ransomware
An ongoing sextortion email campaign targeted thousands of United States citizen via the infamous GandCrab ransomware. Also, demanded $500 to decrypt their files and folders in the system.
Sextortion emails supposedly ask money for keeping silence on compromising adult websites. But this particular campaign took a step further by attaching links which on click install the most infamous GandCrab ransomware.
The sextortion emails always demand payment before the URLs linking to AZORult stealer ultimately led to infection from GandCrab ransomware.
Researchers, who firstly spotted the campaign on December 5, released a report that said thousands of spam emails and fake messages were sent to target primarily the Windows user in the U.S.
Victims who received emails and messages from the attackers claimed to have got their information compromised on adult websites.
What Message Has To Say?
The messages supposedly caused illicit activities. Subsequently, it also offers a link where victims see a video presentation of the adult content.
A Sample Message Read As Follows: I know you would not like to show these adult contents with your face to your friends, relatives, loved ones or colleagues. To avoid this, it is better you pay $381, a very small amount for my silence. Besides, I have been spying on you for so long, we have spent a lot of time.
The attack is a combination of multiple layers of social engineering that is very vulnerable and trick users into clicking the link for determining whether the sender is actually evident or not.
The GandCrab ransomware is and open-source cryptocurrency DASH that demands more than $500.
However, there are few slip-ups in the original email and the victim can predict it as a scam. For instance, at the beginning of the email, the sender (cyberattacker) says that they have the victims’ account credentials both the account id and password.
GandCrab has continued to make headlines throughout the year. For instance, in August the threat aimed at South Korea via emails attached with EGG. On the other hand, in May the GandCrab payload was found extensively hiding on the legitimate but compromised websites.
The ransomware is evolving and advancing while providing profit to cyber attackers. As per the research in March, GandCrab was found infecting more than 50,000 victims. Most of the victims were the citizens of U.S., U.K. and Scandinavia.
The attacks were vast and let the cyber attackers earn $600,000 profit in just 2 months.
The latest attack of a sextortion plot publicly breached data, tricked victims into thinking that they were hacked. Additionally, cybercriminals also added the inevitable ransomware update to the sextortion scam.
The malware attacks from the scam also lead to the installation of spyware or a keylogger. More believably the scam corrupts the files stored in the computer which then lead to the demand of bitcoin payment.
Researchers recommend that victims of these attacks should use a better antimalware tool and should not fall for the decryption tools.
Additionally, the links attached to assume the sender does not actually possess screenshots or video of any compromising activity and not click any links or open attachments to verify the sender’s claim.
Tips to Prevent virus and malware from Infecting Your System:
- Enable your popup blocker: Pop-ups and ads on the websites are the most adoptable tactic used by cybercriminals or developers with the core intention to spread malicious programs.
So, avoid clicking uncertain sites, software offers, pop-ups etc. and Install a powerful ad- blocker for Chrome, Mozilla, and IE
- Keep your Windows Updated: To avoid such infections, we recommend that you should always keep your system updated through automatic windows update.By doing this you can keep your device free from virus.According to the survey, outdated/older versions of Windows operating system are an easy target.
- Third-party installation: Try to avoid freeware download websites as they usually install bundled of software with any installer or stub file.
- Regular Backup: Regular and periodical backup helps you to keep your data safe in case the system is infected by any kind of virus or any other infection.Thus always backup important files regularly on a cloud drive or an external hard drive.
- Always have an Anti-Virus: Precaution is better than cure. We recommend that you install an antivirus like ITL Total Security or a good Malware Removal Tool like Download Virus RemovalTool
