Ransomware spreading through coronavirus info
New phishing campaign that aims at delivering the Netwalker Ransomware has been discovered by MalwareHunter.
Everyday the number of cyber attacks using Coronavirus theme is increasing.
This time, infected attachment named CORONAVIRUS_COVID-19.vbs that contains an embedded Netwalker ransomware executable and obfuscated code to extract and launch it on the computer is sent.
Upon the execution of the script the executable is saved to %Temp%\qeSw.exe and launched to start the encryption of the files. This type of ransomware gives instruction on how to pay the ransom via a TOR payment site.
- Before you open any attachment from unknown source be extra vigilant.
- Be very careful with any information on coronavirus.