New ransomware plays its victims an audio file, over and over and over…
Revision as of 22:13, 5 August 2015 by Eric.freyssinet (talk | contribs) (Text replacement - " blog.trendmicro.com" to "")
(Publication) Google search: [1]
New ransomware plays its victims an audio file, over and over and over… | |
---|---|
Botnet | Jagfu |
Malware | |
Botnet/malware group | |
Exploit kits | |
Services | |
Feature | |
Distribution vector | |
Target | |
Origin | |
Campaign | |
Operation/Working group | |
Vulnerability | |
CCProtocol | |
Date | 2012 / 2012-10-08 |
Editor/Conference | Trend Micro |
Link | http://blog.trendmicro.com/trendlabs-security-intelligence/new-ransomware-plays-its-victims-an-audio-file-over-and-over-and-over/ (Archive copy) |
Author | Elizabeth Bookman |
Type |
Abstract
“ Ransomware continuously evolves and updates its social engineering tactics to trick users into paying money to the cybercriminals.
The samples we’re seeing today not only leverage the Federal Bureau of Investigation (or any police authority for that matter), but on this occasion also use a non-malicious .MP3 file!
This audio file repeatedly informs users that their system is blocked because of a certain violation on the federal law they committed. In addition, to unlock the system, users need to pay $200 (USD). Trend Micro detects this as TROJ_RANSOM.CXB and TROJ_RANSOM.AAF.
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2012BFR1177, editor = {Trend Micro}, author = {Elizabeth Bookman}, title = {New ransomware plays its victims an audio file, over and over and over…}, date = {08}, month = Oct, year = {2012}, howpublished = {\url{http://blog.trendmicro.com/trendlabs-security-intelligence/new-ransomware-plays-its-victims-an-audio-file-over-and-over-and-over/}}, }