Report: New scam demands ransom payment — but does not deploy ransomware

There's a new type of ransomware scam making its way across the internet, according to English IT security company Sophos.

Ransomware is a type of malicious software that encrypts a victim's computer files, which cyberattackers offer to decrypt in exchange for a ransom payment. A cyberattacker using ransomware will typically demand payment in bitcoin.

In a June 22 warning, Sophos highlighted a group of scammers who are flipping the script. These particular scammers send an email to their target, claiming they have already installed a new type of ransomware — "WannaCrypt" — on their devices.

"We have improved operation of our program, so you will not be able to regain the data after the attack," the email reads, according to Sophos. "Antivirus software will not be able to detect our program, while firewalls will be strengthless against our unique code."

The email specifies a date on which all files held on the target's computers, servers and mobile devices will supposedly be encrypted and subsequently erased by WannaCrypt. To avoid any potential data loss, the scammers demand 0.1 bitcoin, an estimated $650.

However, Sophos wrote the scammers haven't actually installed any malware. Although disk-wiping malware — or ransomware with no decryption key — does exist, it does not appear these scammers are deploying it.

"The whole thing is a fraud, right down to the existence of the malware in the first place," Sophos wrote.

Copyright © 2024 Becker's Healthcare. All Rights Reserved. Privacy Policy. Cookie Policy. Linking and Reprinting Policy.


Featured Whitepapers

Featured Webinars