It would seem that such attacks should be well studied and their consequences neutralized by now. However, TrendMicro recently discovered new variants of the Dharma ransomware, and the malware has acquired new tactics.
The attack begins with an email that appears to come from, for example, Microsoft.
According to the message the user receives, the computer is allegedly under threat and antivirus software must be installed immediately. To do so, the user has to download the offered file. This file usually contains the extortionists' software together with the legitimate and well-known ESET AV Remover, a tool from ESET for removing installed antivirus software from a computer.
Regardless of whether the user completes the installation of AV Remover, the ransomware encrypts files of all types in the background. In the end, the user has to pay for the files to be decrypted.
“Cybercriminals have a history of abuse with authentic instruments. And this recent practice of installer exploitation as a distraction is one more method they experiment with,” says Rafael Senteno of the antivirus company TrendMicro.
ESET was informed that its product was being used to distribute the Dharma ransomware, and its representatives found it necessary to respond:
“The case describes the well-known practice for malware to be bundled with legitimate application(s). In the specific case Trend Micro is documenting, an official and unmodified ESET AV Remover was used. However, any other application could be used this way. The main reason is to distract the user, this application is used as a decoy application. ESET threat detection engineers have seen several cases of ransomware packed in self-extract package together with some clean files or hack/keygen/crack recently. So this is nothing new.”
TrendMicro gives recommendations for protecting against similar attacks.
Source: https://blog.trendmicro.com