August 27th, 2014, 15:37 GMT · By Ionut Ilascu
http://news.softpedia.com/images/news-700/Crypto-Malware-Steals-Email-and-Passwords-Spreads-Itself.jpg - Word document that masks the encryption process
A new strain of crypto-malware is currently affecting Russian-speaking countries, with functions that allow it to steal email addresses and corresponding addresses, as well as to spread on its own to the victim’s email contacts.
Apart from these particularities of the malware, security researchers note that it is written in a batch file and used multiple freely available tools to carry out its dirty work.
The attack vector is a Word document delivered via email, which claims to include a change in the terms of agreement of a service that needs to be reviewed before signing.
As soon as the victim opens the document, a downloader written in JavaScript funnels in a bunch of executables masked with the BTC extension. These are free, publicly available tools necessary for encrypting the data stored on the computer as well as for propagating the malware. Full Article
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.