Security News > 2021 > November > Phishing emails deliver spooky zombie-themed MirCop ransomware
A new phishing campaign pretending to be supply lists infects users with the MirCop ransomware that encrypts a target system in under fifteen minutes.
The email body contains a hyperlink to a Google Drive URL, which, if clicked, downloads an MHT file onto the victim's machine.
The RAR archive contains an EXE file, which uses VBS scripts to drop and execute the MirCop payload onto the infected system.
The ransomware activates immediately and starts taking screenshots, locks files, changes the background to a horrid zombie-themed image, and offers victims instructions on what to do next.
According to Cofense, this whole process takes less than 15 minutes from the moment the victim opens the phishing email.
MicroCop is an old ransomware strain that used to deliver absurd ransom demands onto its victims.
News URL
Related news
- Beware of phishing emails delivering backdoored Linux VMs! (source)
- New Phishing Tool GoIssue Targets GitHub Developers in Bulk Email Campaigns (source)
- Russian Hackers Exploit New NTLM Flaw to Deploy RAT Malware via Phishing Emails (source)
- Phishing emails increasingly use SVG attachments to evade detection (source)