Hackers are smuggling malware behind fake copyright infringement emails

Your website is probably not hosting copyrighted material

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

A new email campaign is seeking to encrypt as manyendpointswith the Lockbit 2.0 ransomware as it can. Given the contents of the email being distributed, it would seem the campaign is aimed at webmasters and website owners.

The email “warns” the victim that their website is hosting copyright-protected content, and that they’re infringing on that copyright. It also urges the victim to remove the content from their websites immediately, or face legal action.

But here’s the big red flag - instead of simply listing the copyrighted content directly in the email, the contents are shared in a password-protected .ZIP archive.

Share your thoughts on Cybersecurity and get a free copy of the Hacker’s Manual 2022. Help us find how businesses are preparing for the post-Covid world and the implications of these activities on their cybersecurity plans. Enter your email at theend of this surveyto get the bookazine, worth $10.99/£10.99.

Evading email protection

The archive contains a compressed file, an executable file posing as a PDF document. The executable is an NSIS installer, loading the LockBit 2.0 ransomware which, in turn, encrypts all of the files on the endpoint.

By wrapping the file and placing it in a password-protected archive, the attackers hope to evade their payload being detected by email security tools.

Copyright claims are not exactly a novelty when it comes to distributing malware, the publication has found. Earlier this year, there had been “numerous” emails of this sort, disrtibuting the likes of BazarLoader, or the Bumblebee malware loader.

Don’t fall for this devious phishing scam, Facebook users warned>What is phishing and how dangerous is it?>Everything you need to know about phishing

LockBit 2.0 is by far the most widespread ransomware variant, security researchers from NCC group have said. Allegedly, LockBit 2.0 accounted for 40% of all ransomware attacks that happened in May this year.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Ransomwareis an extremely popular type ofmalwareas it holds the promise of great earnings. Businesses are advised to educate their employees how to spot phishing emails, keep their software and hardware updated, and install advancedantivirussolutions.

Via:BleepingComputer

Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.

This new malware utilizes a rare programming language to evade traditional detection methods

A new form of macOS malware is being used by devious North Korean hackers

Arcane season 2 confirms the hit series isn’t just one of the best Netflix shows ever made – it’s an animated legend that’ll stand the test of time