steven36 Posted June 25, 2018 Share Posted June 25, 2018 Extortion emails that threaten recipients with a WannaCry infection if they don’t pay up are making the rounds in the UK and elsewhere. The activity prompted an alert Friday from the City of London’s Action Fraud unit, which said at the time that police had already received almost 300 reports in just a two-day span. The emails claim that all of the victim’s devices have been hacked and infected with the infamous ransomware. In reality, the threat is an empty one. “The WannaCry emails are designed to cause panic and trick you into believing that your computer is infected with WannaCry ransomware,” Action Fraud warned. “In reality the emails are just a phishing exercise.” Nonetheless, the threat actors sending the emails are banking on consumers erring on the side of caution, and are demanding payment from victims in Bitcoin in exchange for “fixing” the purported infection. The strategy is a savvy one, and especially for the U.K.: WannaCry ransomware made headlines in May last year after about 200,000 computers across more than 150 countries were affected, with one of the biggest impacts being felt in the National Health Services in England and Scotland. In addition to the general issues of computers being locked, healthcare devices were also frozen. MRI scanners, blood storage refrigerators, and other medical equipment were compromised to the point that non-critical patients were turned away from some facilities with at least 6,900 NHS appointments canceled, according to NHS. In all, more than a third of NHS trusts in England were disrupted by the ransomware, according to the U.K.’s National Audit Office (NAO). The gambit is similar to another current scam led by emails coming from the “WannaCry-Hack-team”, with a subject line of “!!!Warning Wannacrypt!!!” According to an alert from Sophos on Friday, the email reads, “Hello! WannaCry is back! All your devices were cracked with our program installed on them. We have improved operation of our program, so you will not be able to regain the data after the attack.” The email then tells the victim when the data is scheduled to be deleted – unless, of course, the ransom (0.1 BTC of $650) is paid. According to Sophos, there’s no malware, and the entire effort is simply fraud. The firm said the campaign is “very widespread.” This isn’t the first time fraudsters have used WannaCry as a way to reel in victims. Last year, it was used as a hook to try and get people to click on the links within a very convincing BT-branded phishing email. Consumers can protect themselves first and foremost by being skeptical of emails from unknown senders, and those claiming one’s machine has a virus infection. The “you’re infected” approach is a well-worn social-engineering tactic that’s been used in tech-support scams for years. In fact, last year an extortion campaign made the rounds in which consumers received pop-ups on their computers that claimed they had been infected with WannaCry. The pop-ups asked people to call a phone number connecting to scammers that were more than willing to take people’s money. Also, keeping antivirus, software, apps and operating systems regularly up-to-date is a critical best practice. Source Link to comment Share on other sites More sharing options...
knowledge-Spammer Posted June 25, 2018 Share Posted June 25, 2018 i think i no who is the maker of this and the one befor this soon u see new one again ill look up the name soon have free time and ill tell u befor the news say about it the one i have seen it and have new change and name changes Link to comment Share on other sites More sharing options...
Archanus Posted July 1, 2018 Share Posted July 1, 2018 I thought the problem with that malware has been solved Link to comment Share on other sites More sharing options...
plb4333 Posted July 1, 2018 Share Posted July 1, 2018 None of them are 'solved'....Always ongoing because of morphing of coding Link to comment Share on other sites More sharing options...
Recommended Posts
Archived
This topic is now archived and is closed to further replies.