LockBit: Ransomware in emails claiming copyright infringement
Hackers and malware authors are getting more and more creative to run malicious code on other people’s systems. LockBit ransomware spreads through spam emails indicating copyright infringement. Site operators usually have to follow up on such reports. The emails were from AhnLab (through bleeping computer) discovers and informs the operator that alleged copyrighted content is being used on the platform.
The administrator is prompted to view and then delete the affected files. However, the link points to a password-protected ZIP archive that contains a compressed file. This prevents detection by security tools. The executable program is disguised as a PDF document. In reality, it is an NSIS installer that installs the LockBit 2.0 encryption Trojan.
Messages should name files
However, experienced administrators, in particular, should be able to spot phishing emails relatively easily. In a legitimate copyright notice, the documents involved are usually mentioned directly. If the file is not stated, it can usually be assumed that it is a fake message.
It is unusual for the operator to first have to load a file from a third-party server in order to compare it with its content and clear the violation. Therefore, users are not allowed to open attachments and links to emails from unknown senders. If this is necessary, a secure environment must be used.
Digital marketing enthusiast and industry professional in Digital technologies, Technology News, Mobile phones, software, gadgets with vast experience in the tech industry, I have a keen interest in technology, News breaking.