CATEGORIES
home News

Locky And FakeGlobe Ransomware Duo Seeks Maximum Damage Spread Via Global Spam Campaign

by Shane McGlaunTuesday, September 19, 2017, 02:29 PM EDT

TrendMicro has published a report that claims that a "sizable" spam campaign is underway and other than just having a bunch of unwanted email to contend with, the spam campaign is also pushing ransomware. The spam campaign is said to be distributing the latest variant of Locky, which is the ransomware that invaded LinkedIn back in November of last year via bogus leads. 

ransomware

The security firm says that it has looked at samples of these recent spam campaigns and has found that criminals are using some sophisticated distribution methods to affect users in over 70 countries. Along with Locky, the spammers are also distributing another ransomware program called FakeGlobe and that the two programs are being rotated. 

In these spam campaigns, when the user clicks on a link from the spam email, Locky could be distributed one hour and then FakeGlobe might be sent to the same user the next hour. This means that a person is more likely to get reinfected thanks to the dueling banjos nature of the two separate ransomware programs.

spam camp

In these recent spam campaigns, most of the users who were affected are in Japan, China, and the US. TrendMicro reports that 46% of the spam was sent to over 70 other countries with distribution peaking on September 4, 2017 at 4pm. The spam emails that users are receiving have a link and an attachment; the attachment is a .7z (7-zip) rather than a .zip file. The emails are disguised as invoices or bills that are targeting the user. Clicking the link in the email downloads an archive that is similar to the attachment, but they connect to different URLs according to TrendMicro.

The FakeGlobe variant also downloads in a similar method and uses fake invoices to lure people to click attachments and links. The ransomware does have a support page to help the victims pay the ransom to unlock their files. TrendMicro also warns of other spam campaigns with one of them using a DOC attachment that tries to trick users into enabling Macros to distribute a malicious payload. This campaign is also rotating Locky and FakeGlobe.

Top image source: medithIT/flickr

Tags:  security, spam, Ransomware, trendmicro
TOP CONVERSATIONS
Your Next PC Platform?
More Results
KEEP INFORMED
SITE

Home

Reviews

News

Blogs

Full Site

Sitemap

CATEGORIES

PC Components

Systems

Mobile

IT Infrastructure

Leisure

Videos

COMPANY

About

Advertise

News Tips

Contact

Privacy And Terms

HotTech

MORE

Accessibility

Shop

STAY CONNECTED

Twitter

Facebook

YouTube

RSS

As an Amazon and Howl Technologies Associate, HotHardware earns a commission from qualifying purchases made on this site. This site is intended for informational and entertainment purposes only. The contents are the views and opinion of the author and/or his associates. All products and trademarks are the property of their respective owners. Reproduction in whole or in part, in any form or medium, without express written permission of Hot Hardware, Inc. is prohibited. All content and graphical elements are Copyright © 1999 - 2024 David Altavilla and Hot Hardware, Inc.
All rights reserved. Privacy and Terms - Accessibility Commitment