Tuesday, November 26, 2024
HomeCyber Security NewsCryptoMix Ransomware - Tricks Users to Pay Ransom for Helping Children

CryptoMix Ransomware – Tricks Users to Pay Ransom for Helping Children

Published on

CryptoMix ransomware (old ransomware spotted early in 2016) returns with a new trick, ripping data and images from crowdfunding sites and claiming ransomware payments go to the needy.

This old family of ransomware has returned with a new campaign which uses information about children stolen from crowdfunding websites and claims that payments made in exchange for unlocking encrypted files will be donated to good causes.

This CryptoMix is a combination of CryptXXX and CryptoWall ransomware. However, researchers have uncovered a new CryptoMix campaign that looks to make up for its lack of notoriety with this unpleasant new trick. Still, IOC’s, TTP and Encrypting mechanism are unavailable and the attribution of the attack is unclear.

- Advertisement - SIEM as a Service

How this Rransomware works?

This ransomware attack begins, like many others, with brute force attacks targeting weak passwords on RDP ports. Once inside the network, the attackers harvest the admin credentials required to move across the network before encrypting endpoints and wiping back-ups.

Victims are then presented with a ransom note that tells them to send an email to the ransomware distributors, who also warn victims not to use any security software against CryptoMix, with the attackers claiming that this could permanently damage the system.

Tricky Ransom Note to lure victims

Obviously, this isn’t the worrying part, but in an effort to lure victims into believing the scam, the CryptoMix distributors appear to have taken information about real children from crowdfunding and local news websites.

The researchers have notified the families of the children affected. The hackers claim that children will receive presents and medical help as a result of the payment but also threaten that the ‘donation’ will be doubled if the payment isn’t received within 24 hours.

You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity updates also you can take the Best Cybersecurity courses online to keep your self-updated.

Hackers Offering DDoS-for-Hire Service Powered by Bushido Botnet in Dark Web Markets

Chalubo Botnet Compromise Your Server or IoT Device & Use it for DDOS Attack

Latest articles

Threat Actors Exploit Google Docs And Weebly Services For Malware Attacks

Phishing attackers used Google Docs to deliver malicious links, bypassing security measures and redirecting...

Python NodeStealer: Targeting Facebook Business Accounts to Harvest Login Credentials

The Python-based NodeStealer, a sophisticated info-stealer, has evolved to target new information and employ...

XSS Vulnerability in Bing.com Let Attackers Send Crafted Malicious Requests

A significant XSS vulnerability was recently uncovered in Microsoft’s Bing.com, potentially allowing attackers to...

Meta Removed 2 Million Account Linked to Malicious Activities

 Meta has announced the removal of over 2 million accounts connected to malicious activities,...

Free Webinar

Protect Websites & APIs from Malware Attack

Malware targeting customer-facing websites and API applications poses significant risks, including compliance violations, defacements, and even blacklisting.

Join us for an insightful webinar featuring Vivek Gopalan, VP of Products at Indusface, as he shares effective strategies for safeguarding websites and APIs against malware.

Discussion points

Scan DOM, internal links, and JavaScript libraries for hidden malware.
Detect website defacements in real time.
Protect your brand by monitoring for potential blacklisting.
Prevent malware from infiltrating your server and cloud infrastructure.

More like this

Threat Actors Exploit Google Docs And Weebly Services For Malware Attacks

Phishing attackers used Google Docs to deliver malicious links, bypassing security measures and redirecting...

Python NodeStealer: Targeting Facebook Business Accounts to Harvest Login Credentials

The Python-based NodeStealer, a sophisticated info-stealer, has evolved to target new information and employ...

XSS Vulnerability in Bing.com Let Attackers Send Crafted Malicious Requests

A significant XSS vulnerability was recently uncovered in Microsoft’s Bing.com, potentially allowing attackers to...