
Crypto-Malware Steals Email Addresses and Passwords, Spreads Itself

August 27th, 2014, 15:37 GMT · By Ionut Ilascu

Word document that masks the encryption process

A new strain of crypto-malware is currently affecting Russian-speaking countries, with functions that allow it to steal email addresses and the corresponding passwords, as well as to spread on its own to the victim’s email contacts.

Apart from these particularities of the malware, security researchers note that it is written as a batch file and uses multiple freely available tools to carry out its dirty work.

The attack vector is a Word document delivered via email, which claims to include a change in the terms of agreement of a service that needs to be reviewed before signing.

As soon as the victim opens the document, a downloader written in JavaScript funnels in a bunch of executables masked with the BTC extension. These are free, publicly available tools necessary for encrypting the data stored on the computer as well as for propagating the malware.
Sr. Community Leader
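
A defender can hunt for the "executables masked with the BTC extension" described in the article by checking file content instead of trusting the file name. The following is an added example, not code from the article or from the researchers it cites; it assumes the dropped tools are Windows PE files, and the function names and sample file names are hypothetical and constructed for the demonstration.

```python
import os
import struct
import tempfile

def is_pe(data: bytes) -> bool:
    """True if data starts with a DOS 'MZ' header whose e_lfanew points at 'PE\\0\\0'."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)  # offset of the PE signature
    return data[e_lfanew:e_lfanew + 4] == b"PE\0\0"

def find_masked_executables(root, extensions=(".btc",), head_size=4096):
    """Walk root and return files with a watched extension whose content is a PE image."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not name.lower().endswith(extensions):
                continue
            path = os.path.join(dirpath, name)
            try:
                with open(path, "rb") as fh:
                    head = fh.read(head_size)  # the PE signature normally sits in the first KB
            except OSError:
                continue  # locked or unreadable file: skip it, do not abort the sweep
            if is_pe(head):
                hits.append(path)
    return sorted(hits)

def _constructed_pe_stub() -> bytes:
    """Constructed sample: smallest header layout that satisfies is_pe (not a real program)."""
    stub = bytearray(0x84)
    stub[0:2] = b"MZ"
    struct.pack_into("<I", stub, 0x3C, 0x80)
    stub[0x80:0x84] = b"PE\0\0"
    return bytes(stub)

def demo():
    """Build a temporary directory of constructed samples and return the flagged names."""
    samples = {"tool.btc": _constructed_pe_stub(),   # PE content hidden behind .btc
               "notes.btc": b"plain text",           # watched extension, harmless content
               "setup.exe": _constructed_pe_stub()}  # honest extension, not a mismatch
    with tempfile.TemporaryDirectory() as root:
        for name, data in samples.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(data)
        return [os.path.basename(p) for p in find_masked_executables(root)]

if __name__ == "__main__":
    print(demo())
```
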