Pastry lovers served with ransomware via exploit kit
Posted on 23.02.2012
French cake and pastry lovers have been targeted by cyber crooks as the website of the famous confectionery company Laduree has been compromised and found serving ransomware.

The site (at laduree.fr) has been modified to redirect users to another site hosting the BlackHole exploit kit. Once it took advantage of vulnerabilities on the visitors' computer, it would saddle the machine with the ransomware, which would promptly block it and display a fake notification from the French Police:


The message said that the users' computer was blocked because it was sending out spam and pornographic images and because the users were making illegal downloads. In order to get it unblocked, they would have to pay 200 euros via Ukash or Paysafecard.

According to Trend Micro researchers, the ransomware in question is the same one that was recently made to impersonate the Italian police and a number of European police agencies, making researchers believe that the same gang is behind all of these attacks.

"We noticed that the domain name of the URL used to host the exploit kit has been suspended," say the researchers. "Based on the logs, it was created on February 9, 2012 and last updated on February 14. The domainís registrant shows a .ru email address which might help in identifying a possible suspect, but this might just be a compromised email account."

It is interesting to note that this particular piece of malware is also capable of stealing login credentials for email accounts, social networks, poker sites, FTP servers, remote desktop software and more.






Spotlight

Targeted attack protection via network topology alteration

Posted on 17 October 2014.  |  This article from Trend Micro tackles how network topology can aid in defending the enterprise network from risks posed by targeted attacks.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Mon, Oct 20th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //