Difference between revisions of "TorrentLocker ransomware uses email authentication to refine spam runs"
Jump to navigation
Jump to search
(Created page with "{{Publication |Botnet=TorrentLocker, |Year=2015 |Date=2015-02-27 |Link=http://blog.trendmicro.com/trendlabs-security-intelligence/torrentlocker-ransomware-uses-email-authentic...") |
|||
Line 1: | Line 1: | ||
{{Publication | {{Publication | ||
|Botnet=TorrentLocker, | |Botnet=TorrentLocker, | ||
|Vector=Spam, | |||
|Year=2015 | |Year=2015 | ||
|Date=2015-02-27 | |Date=2015-02-27 | ||
|Editor=TrendLabs Security Intelligence Blog | |||
|Link=http://blog.trendmicro.com/trendlabs-security-intelligence/torrentlocker-ransomware-uses-email-authentication-to-refine-spam-runs/ | |Link=http://blog.trendmicro.com/trendlabs-security-intelligence/torrentlocker-ransomware-uses-email-authentication-to-refine-spam-runs/ | ||
|Author=Jon Oliver, | |Author=Jon Oliver, |
Latest revision as of 00:26, 1 March 2015
(Publication) Google search: [1]
TorrentLocker ransomware uses email authentication to refine spam runs | |
---|---|
Botnet | TorrentLocker |
Malware | |
Botnet/malware group | |
Exploit kits | |
Services | |
Feature | |
Distribution vector | Spam |
Target | |
Origin | |
Campaign | |
Operation/Working group | |
Vulnerability | |
CCProtocol | |
Date | 2015 / 2015-02-27 |
Editor/Conference | TrendLabs Security Intelligence Blog |
Link | http://blog.trendmicro.com/trendlabs-security-intelligence/torrentlocker-ransomware-uses-email-authentication-to-refine-spam-runs/ (Archive copy) |
Author | Jon Oliver |
Type | Blogpost |
Abstract
“ In monitoring the ransomware TorrentLocker, we noticed a new development in its arrival vector. In previous entries, we noted that a particular wave of the crypto-ransomware was using spammed messages that were designed to evade spam filters. Our research now shows that TorrentLocker malware are using emails that are designed to pass spam filters and also collect information.
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2015BFR1535, editor = {TrendLabs Security Intelligence Blog}, author = {Jon Oliver}, title = {TorrentLocker ransomware uses email authentication to refine spam runs}, date = {27}, month = Feb, year = {2015}, howpublished = {\url{http://blog.trendmicro.com/trendlabs-security-intelligence/torrentlocker-ransomware-uses-email-authentication-to-refine-spam-runs/}}, }