New Ransomware Encrypts Data And Steals Payment Info

January 22, 2019

Written by wukovits

There’s a new strain of ransomware being deployed with increasing frequency.  Believe it or not, it’s even more dangerous than the strains we’ve seen in recent months.

Unlike other types of ransomware, this one not only encrypts your files and demands payment (which is bad enough) but it also attempts to steal your credit card information via a PayPal phishing page included in the code.

Most of the ransomware we’ve seen will lock up your files and demand payment in BitCoin.  This one offers you the choice of paying the fee via PayPal and provides a “helpful” link to facilitate payment.

Unfortunately, the link in question doesn’t point to PayPal, but to a phishing site that the hackers control. The site tries to get you to enter your credit card information, along with your PayPal credentials.  Most victims will be in such a rush to get their files unlocked that they won’t even think to look. Despite being a convincing copy of the PayPal payment screen, the domain is definitely not PayPal.

Of course, even after you hand over all the required information, no payment will be made. The victim will get a message that their PayPal account has been locked. No matter, the hackers already have your financial information and can max out your credit card or drain your bank account depending on the card information you provided.

This is the most sophisticated ransomware-based attack we’ve seen to date and is a clear sign of things to come.  Based on the early success this new strain is enjoying, we can expect to see an increasing number of hackers employing similar tactics as the threat matrix continues to shift, change, and evolve.

That’s bad news for IT security personnel, who are already struggling to stem the tide.  Stay on your guard.

Used with permission from Article Aggregator

Related Articles

Some Amazon Device Features May Have Security Risks

Have you heard of Amazon Sidewalk? If not, it's definitely something you should be aware of. Depending on your point of view, the new feature, which was enabled by default on a wide range of Amazon devices by default on June 8 of this year (2021) is either...

Email Unsubscribe Scam Can Easily Fool Any User

Scammers are increasingly relying on a tried and true bit of social engineering to fool unsuspecting users into unwittingly signing up to receive a flood of additional spam email. They accomplish this by blasting out an email asking recipients if they wish to...

Update VMWare Software Immediately To Avoid Possible Attack

The US Cybersecurity and Infrastructure Security Agency recently issued a warning to all companies running VMware Vcenter Server and VMware Cloud Foundation. They are asking them to download and apply the latest security patches as soon as possible because attackers...

Send us a message

Your message was sent.

Thank you for contacting Bayou Technologies. We'll be in touch soon!

Need help? support-icon