Nowadays, hacking groups are involved in ransomware distribution activities, distributing wiper malware in disguise of ransomware via noted gaming and adult websites. News is out that the websites are fake and developed to impersonate genuine websites without connection with the ongoing malware distribution.
The modus operand is clear, lure the customer into an X-rated website or a gaming URL and pressurize them in clicking fake links that either are in disguise for JPEG images or a high end game.
Intelligence experts from Cyble have confirmed the spread of ransomware through fake adult websites, but are yet to reach to a confirmation regarding gaming portals.
The images that being used are of Britney spears, Kardashian sisters, and some renowned models. Hackers chop down the faces in images of the said celebrities and paste them to actors enacting in adult films. They take a screenshot and start promoting the images as real and downloadable. They are portrayed in such a form that those viewing them will be tempted to click and there starts the big trouble.
A malware in disguise of ransomware drops down immediately. But it is in actual a wiper malware that has the capabilities to destroy data.
The only exception in this crime is that the threat actors offer a 3-day time frame for the victims and demand $300 in bitcoins which is massive, as per the today rate of Bitcoin against the dollar. If the victim urges to buy time, they are given an extension of more than 4 days and with an obligation of paying $600. And as soon as the victim rejects the plea or fails to pay it on time, the downloaded malware starts destroying the data and the process is irreversible.
NOTE- It is hard to identify such campaigns, so the only way to secure your device and network from such attacks is to stay away from notorious websites to stay trouble-free.
