Phony Copyright Emails Employed to Install LockBit Ransomware

 

LockBit ransomware operators are employing a unique strategy to lure victims into infecting their devices with malware by portraying it as copyright claims. 

The ransomware hackers target victims by sending an email regarding a copyright violation for allegedly using media files without the creator’s license. It also urges the victim to remove the content from their websites immediately or face legal action. 

The emails, identified by analysts at AhnLab in Korea, do not determine which files were inappropriately employed in the body of the text; rather, they instruct the receiver to download and open the attached file in order to view the infringing content. 

The attachment is a ZIP file that has been encrypted with a password and contains a compressed file. The archive contains a compressed file, an executable file posing as a PDF document. The executable is an NSIS installer, loading the LockBit 2.0 ransomware which, in turn, encrypts all of the files on the endpoint. 
This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents

Read the original article:

Phony Copyright Emails Employed to Install LockBit Ransomware

Liked it? Take a second to support IT Security News on Patreon!
Become a patron at Patreon!