Security News > 2021 > November > Phishing emails deliver spooky zombie-themed MirCop ransomware
A new phishing campaign pretending to be supply lists infects users with the MirCop ransomware that encrypts a target system in under fifteen minutes.
The email body contains a hyperlink to a Google Drive URL, which, if clicked, downloads an MHT file onto the victim's machine.
The RAR archive contains an EXE file, which uses VBS scripts to drop and execute the MirCop payload onto the infected system.
The ransomware activates immediately and starts taking screenshots, locks files, changes the background to a horrid zombie-themed image, and offers victims instructions on what to do next.
According to Cofense, this whole process takes less than 15 minutes from the moment the victim opens the phishing email.
MicroCop is an old ransomware strain that used to deliver absurd ransom demands onto its victims.
News URL
Related news
- New Morphing Meerkat Phishing Kit Mimics 114 Brands Using Victims’ DNS Email Records (source)
- PoisonSeed phishing campaign behind emails with wallet seed phrases (source)
- Phishing Campaigns Use Real-Time Checks to Validate Victim Emails Before Credential Theft (source)
- Phishing emails delivering infostealers surge 84% (source)
- CoGUI phishing platform sent 580 million emails to steal credentials (source)
- Horabot Malware Targets 6 Latin American Nations Using Invoice-Themed Phishing Emails (source)