CryptoMix ransomware masquerades in Phishing Children’s Charity Program

34

Cyber Crooks have shown their malicious skills again by developing a new strain of ransomware and circulating it through a phishing children’s charity program. Cyber Security firm Covewave was the first to discover the fictitious activity and notify it to the world. So, kudos to its researchers!

Sources reporting to Cybersecurity Insiders say that the ransomware named CryptoMix hits its targets in the form of a charity email which shows names, diagnosis and even pictures of young children who need immediate health care. The email then diverts them to a fictitious website where victims are pursued to download software onto their PC after disabling their anti-virus programs.

In other cases, the hacker directs the victim to view charity related payment info and asks them to divert their cryptocurrency to a bitcoin wallet. The hacker also assures the victim that their name will be used alongside the donation and they will be able to meet the victim after treatment in leisure time after 6 months.

Note 1- Researchers from Avast say that the CryptoMix ransomware is not new to the cyber field and has been on their research radar since March 2016. However, they are surprised with the way it is being circulated in the name of a charity program.

Note 2- CryptoMix ransomware is known to first infect the machine and then communicate with the command server to establish a key to encrypt files. They are many media reports on Google claiming that the victim’s files remained locked even after the ransom was paid.

Note 3- Security experts from Malwarebytes say that the Ransom.cryptomix is being spread through various methods. It is found being circulated through online free software, or could be disguised in the form of a program and distributed via email and may also spread through malicious websites.