Windows 10 News and info | Forum
March 22, 2019, Loading... *
Welcome, Guest. Please login or register.

Login with username, password and session length
News: This is a clean Ad-free Forum and protected by StopForumSpam, Project Honeypot, Botscout and AbuseIPDB | This forum does not use audio ads, popups, or other annoyances. New member registration currently disabled.
 
  Website   Home   Windows 8 Website GDPR Help Login Register  
By continuing to use the site or forum, you agree to the use of cookies, find out more by reading our GDPR policy.
Pages: [1]
  Print  
Share this topic on Del.icio.usShare this topic on DiggShare this topic on FacebookShare this topic on GoogleShare this topic on MySpaceShare this topic on RedditShare this topic on StumbleUponShare this topic on TechnoratiShare this topic on TwitterShare this topic on YahooShare this topic on Google buzz
Author Topic: Sextortion Emails now Leading to Ransomware and Info-Stealing Trojans  (Read 66 times)
javajolt
Administrator
Hero Member
*****
Online Online

Gender: Male
United States United States

Posts: 29761


I Do Windows


WWW Email
« on: December 09, 2018, 04:25:26 PM »
ReplyReply

Sextortion email scams have been a very successful way of generating money for criminals. A new Sextortion campaign is now taking it to the next level by tricking recipients into installing the Azorult information-stealing Trojan, which then downloads and installs the GandCrab ransomware.

A sextortion scam is when you receive an email that states someone hacked your computer and has been creating videos of you while you are using adult websites. These emails may also contain passwords of yours that were leaked during data breaches in order to make the scams look more legitimate.

The emails then tell you to send them bitcoins or they will share the videos they made with all of your contacts. It should be clear that these are scams; your computer was not hacked and there are no videos of you.

A new campaign has been spotted by researchers at ProofPoint that instead of containing a bitcoin address to send a blackmail payment to, they instead prompt you to download a video they made of you doing certain "activities". The downloaded zip file, though, contains an executable that will install malware onto the computer.

"However, this week Proofpoint researchers observed a sextortion campaign that also included URLs linking to AZORult stealer that ultimately led to infection with GandCrab ransomware," stated ProofPoint's research.


Sextortion Email click to enlarge 974x1100

The downloaded files will be named similar to Foto_Client89661_01.zip  and the full text of the sextortion scam email is below.

Quote
Hello!

I have very bad news for you.
09/08/2018 - On this day, I got access to your OS and gained complete control over your system. **@gmail.com
On this day your account **@gmail.com has password: XXXX

How I made it:

In the software of the router, through which you went online, was avulnerability.
I just got into the router and got root rights and put my malicious code on it.
When you went online, my trojan was installed on the OS of your device.

After that, I made a full dump of your (I have all your address book, history of viewing sites, all files, phone numbers and addresses of all your contacts).

A month ago, I wanted to your device and ask for a not big amount of btc to unlock.
But I looked at the sites that you regularly visit, and I was shocked by what I saw!!!
I'm talk you about sites for adults.

I want to say - you are a BIG pervert. Your fantasy is shifted far away from the nromal course!

And i got an idea....
I made a screenshot of the adult sites where you have fun (do you understand what it is about, huh?).
After that, I made a screenshot of your joys (using the camera of your device) and glued them together.
Turned out amazing! You are so spectacular!

As proof of my words, I made a video presentation in Power Point.
And laid out in a private cloud, look You can copy the link below and paste it into the browser.

http://google.com/url?Q=[url here]

I'm know that you would like to show these screenshots to your friends, relatives or colleagues.
I think #381 is a very, very small amount for my silence.
Besides, I have been spying on your for so long, having spect a lot of time!


This new tactic is even more dangerous, as recipients may be scared enough to want to confirm if a video exists. They then download the file, try to open the zipped file and find themselves infected with two different types of malware.

The first infection, Azorult, will be used to steal information from your computers such as account logins, cookies, files, chat history, and more. Then it installs the GandCrab Ransomware, which will encrypt your computer's data.

So while previously the email was just a scam trying to scare you, you now have a serious problem on your hands.

Therefore, it is important to not trust anything you receive from a stranger via email. Instead, do some searches on the Internet to see if others have encountered emails like this and you will quickly see that this is just a scam that should be deleted.

Logged



Pages: [1]
  Print  
 
Jump to:  

Powered by SMF 1.1.21 | SMF © 2017, Simple Machines

Google visited last this page December 14, 2018, 02:15:49 AM