Security News > 2022 > June > Fake copyright infringement emails install LockBit ransomware
LockBit ransomware affiliates are using an interesting trick to get people into infecting their devices by disguising their malware as copyright claims.
The recipients of these emails are warned about a copyright violation, allegedly having used media files without the creator's license.
The emails, spotted by analysts at AhnLab, Korea, do not determine which files were unfairly used in the body and instead tell the recipient to download and open the attached file to see the infringement content.
If the victim opens the supposed "PDF" to learn what images are being used illegally, the malware will load and encrypt the device with the LockBit 2.0 ransomware.
While the use of copyright violation claims is interesting, it's neither novel nor exclusive to LockBit members, as many malware distribution campaigns use the same lure.
According to NCC Group's "Threat Pulse" report for May 2022, published today, LockBit 2.0 accounted for 40% of all ransomware attacks reported in the month.
News URL
Related news
- LockBit ransomware returns, restores servers after police disruption (source)
- LockBit Ransomware Group Resurfaces After Law Enforcement Takedown (source)
- LockBit Back Online as Ransomware Gang Continues to Clash with Law Enforcement (source)
- LockBit ransomware returns to attacks with new encryptors, servers (source)
- LockBit ransomware affiliate gets four years in jail, to pay $860k (source)
- LockBit Ransomware Hacker Ordered to Pay $860,000 After Guilty Plea in Canada (source)
- LockBit ransomware kingpin gets 4 years behind bars (source)