New strain of ransomware claims to donate profits to fictitious children's cancer charity

Cyberattackers have reportedly been using a strain of ransomware called CryptoMix to remotely hack computers and then falsely claiming that victims' ransom payments will be used to fund children's medical help, HealthcareInfoSecurity reports.

Coveware, a ransomware response firm, identified the uptick in attackers launching cyberthreats with crypto-locking ransomware CryptoMix. The ransom notes claim that victims' payments — typically made in bitcoin to unlock their stolen files — will go to a fictitious charity for kids with cancer, dubbed the International Children Charity Organisation. The attackers have also lifted information from crowdfunding websites aimed at helping raise money for medical treatments to back up their stories.

"We identified legitimate crowdfunding pages for the children whose images matched those in the ransom notes," reads a Coveware blog post, according to HealthcareInfoSecurity. "We also notified the families of the children whose images could be positively identified. Despite the upsetting nature of the news, we felt that the families had a right to know."

"We are guessing this tactic is meant to assuage the moral hazard associated with paying a ransom," the blog post continues. "It goes without saying that these cybercriminals did think this through. It is poignantly obvious that the charity is fake, and that the details of the child's case are lifted from other sites."

Copyright © 2023 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.


Featured Whitepapers

Featured Webinars