TorrentLocker Purveyors Now Concentrating on UK Internauts - Trend Micro

According to Trend Micro the security company, the file-encrypting ransom malware TorrentLocker's owners are shifting their campaign to Europe away from Australia as they're dispatching fake e-mails inside the continent, with UK Internauts getting targeted most.

Since long, TorrentLocker assaults got detected the maximum in Australia; however, according to security investigators, the volume of spam outbreaks serving the ransomware have come down across the region.

Within United Kingdom, TorrentLocker scam e-mails pose as messages sent from British Gas and other similar utilities as well as from government entities such as the Ministry of Justice or Home Office.

TorrentLocker and likewise nasty software are referred to as ransomware that yields money to their owners via locking access to computers for the users and then demanding fees to restore that same access.

Cyber Security Consultant Bharat Mistry with Trend Micro describes TorrentLocker's activity as searching Microsoft Office files such as Excel, PowerPoint or Word documents in the infected PCs' hard drives to then lock them via tough encryption. Business Insider published this dated July 2, 2015.

Mistry continues that once the encryption is done, the malware modifies User's Interface as well as the Wallpaper for displaying one note that directs the victim for going inside one payment website that would tell the ransom sum.

As of most recent TorrentLocker assaults, the e-mails become partly recognizable since users find about pursuing one web-link leading onto a site that the hacker owns followed with inserting a CAPTCHA code prior to pulling down the malware.

The attacks involve some 800 hijacked URLs to display graphics within the e-mails, alternatively for acting like redirector websites related to links embedded on the malicious e-mails. In the meantime, the fraudulent websites themselves get their hosting service from Turkish and Russian servers.

Further, the attacks also involve a few of the Internet Protocol addresses that work like CnC (command-and-control) servers, with the Tinba banker Trojan, among other banking Trojans, getting employed.

For avoiding destructions by TorrentLocker, Trend Micro recommends maintaining a backup system, while being cautious of websites requesting CAPTCHA entries particularly when they immediately follow an e-mail web-link.

» SPAMfighter News - 7/16/2015