Spamhaus-themed ransomware delivered through exploit kits
It seems that users are starting to recognize ransomware accompanied with fake notifications by copyright enforcement and law enforcement agencies for what it is, and cyber crooks are trying out new approaches.
PC Risk has spotted a variant that is misusing the name, logo and reputation of the Spamhaus Project, an international organization dedicated to tracking email spammers and spam-related activity:
“You have lost control over your computer. Your system and all your files has been blocked and encrypted because you were spreading the Malware (viruses, Trojans, worms). You are breaking numerous International and USA laws,” claims the message.
“You have a chance to settle this issue right now before we contact the proper authorities. Within 48 hours, you can pay afire of $300. All your files will be decrypted, and access to the computer will be granted, a claim for compensation from affected from affected companies will be removed and your IP address will be restored to good standings with XBL Block List. If you don’t pay a penalty within the next 48 hours, local authorities and secret service will be contacted, and most likely it will result in your arrest. You can and will be prosecuted to the fullest extent of the law in order to recover our lasses. Do not take a chance to be convicted as a felon,” it threatens, and urges users to pay the “fine” via MoneyPak.
Luckily for them, they actually do not have to pay for anything in order to get their computer back to normal – they simply have to perform the actions explained in this removal guide.
This ransomware is currently being spread via exploit kits.