HackRead
  • April 20th, 2021

Hackers delivering ransomware virus in package delivery e-mails

September 28th, 2015 | Farzan Hussain | Malware, Phishing Scam

A new ransomware email campaign has been detected in fake email messages that appear to be sent by either PostNord or Post Denmark. The ransomware has been identified as Cryptolocker2.

Hackers are targeting Danish citizens with ransomware using a traditional method: sending an email message, falsified to appear to come from the Danish post office, informing them that their package could not reach its destination. The targeted victim is then asked to click on a provided link to read more information about the package.


Clicking on the provided link redirects the victim to a website infected with a malicious script that automatically downloads a malicious executable file, “forsendelse.exe”, onto the system. Within a few minutes, that file is executed automatically and encrypts the hard disk, all the data stored on it, and the data found on network-connected devices. A message then pops up demanding a hefty ransom in order to decrypt and regain access to all the data.

All of the data stored locally on the hard disk will remain encrypted, and the computer will be useless, until the demanded payment has been made to the attackers.

The malicious code even modifies registry values under “HKEY_LOCAL_MACHINE” so that the ransomware can run itself automatically during the Windows start-up process. It also disables the anti-phishing filters through the registry.

The Cryptolocker2 encryption could also lead to a massive loss of data, because the extension of every file stored on the victim’s computer is changed to “.encrypted”. In addition, a new HTML file named “HOW_TO_RECOVER_FILES.html” is created on the desktop, outlining the instructions for making a payment and regaining access to the data.
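A triage check built from the file-system indicators named above (forsendelse.exe, the .encrypted extension and HOW_TO_RECOVER_FILES.html), added here as an example; it is not code from the original article or from Heimdal Security. The function names, the five-file threshold and the sample directory tree are assumptions of this example.

```python
import os
import tempfile
from collections import Counter

# File-system indicators named in the article (matched case-insensitively).
DROPPER_NAME = "forsendelse.exe"
RANSOM_NOTE = "how_to_recover_files.html"
ENCRYPTED_EXT = ".encrypted"

def triage(root):
    """Walk `root` and record where each indicator appears."""
    hits = {"dropper": [], "ransom_note": [], "encrypted": Counter()}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            lower = name.lower()
            if lower == DROPPER_NAME:
                hits["dropper"].append(os.path.join(dirpath, name))
            elif lower == RANSOM_NOTE:
                hits["ransom_note"].append(os.path.join(dirpath, name))
            elif lower.endswith(ENCRYPTED_EXT):
                hits["encrypted"][dirpath] += 1  # count per directory
    return hits

def assess(hits, min_encrypted=5):
    """Classify a host as 'encrypted', 'dropper-only' or 'clean'.

    The threshold is an assumption of this example: a single stray
    *.encrypted file is not treated as evidence of an infection.
    """
    total = sum(hits["encrypted"].values())
    if hits["ransom_note"] or total >= min_encrypted:
        return "encrypted"      # payload ran: isolate host, restore from backup
    if hits["dropper"]:
        return "dropper-only"   # file downloaded, no encryption observed yet
    return "clean"

def build_sample(root, names):
    """Create empty files (constructed test data) under `root`."""
    for rel in names:
        path = os.path.join(root, rel)
        os.makedirs(os.path.dirname(path), exist_ok=True)
        open(path, "w").close()

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp, ["Downloads/forsendelse.exe",
                           "Desktop/HOW_TO_RECOVER_FILES.html"]
                     + [f"Documents/report{i}.docx.encrypted" for i in range(6)])
        found = triage(tmp)
        print(assess(found), dict(found["encrypted"]))
```

Run `triage()` against a user profile or a mounted network share; the per-directory counts show how far the encryption reached, including the network-connected storage the article mentions.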


Andra Zaharia of Heimdal Security has reported in a blog post that the attackers behind this ransomware campaign use multiple approaches to maintain their anonymity, such as using several hosting providers to hide their traffic and using a Domain Generation Algorithm (DGA).

The ransomware code used by the hackers has been identified as Cryptolocker2 and goes by its own name on the dark web, “crypt0l0cker.” It has been explicitly designed with an evasion technique that lets it go undetected by antivirus programs.

According to Zaharia:

“Antivirus detection is extremely low in this campaign (VirusTotal score: 2/56), which makes it very dangerous to both home users and users in corporate environments.”


Keeping your system clean from ransomware email is not rocket science. All you need to do is NEVER click on or download email attachments sent by unknown users.

HACKREAD is a News Platform that centers on InfoSec, Cyber Crime, Privacy, Surveillance and Hacking News with full-scale reviews on Social Media Platforms & Technology trends. Founded in 2011, HackRead is based in the United Kingdom.
