
Attackers Sending Out Fake CDC Flu Warnings to Distribute GandCrab


The AchieVer


 

Digital attackers are sending out fake flu warnings that appear to come from the U.S. Center for Disease Control (CDC) in order to distribute GandCrab ransomware.

 

An attack begins when a user receives a fake CDC email. The sender field claims that the email came from “Centers for Disease Control and Prevention.” But a closer look reveals the sender to actually be “[email protected],” an email address which has nothing to do with the CDC.

 

That’s not the end of the attack campaign’s mischief. The email’s subject line of “Flu pandemic warning” also has something to hide. As explained by My Online Security:

To confuse the issue even more the subject line was written in what looks like a mix of Cyrillic & western characters & encoded in UTF8 format so a computer will automatically translate / decode it. When I first tried to post this, I got a garbled mess of characters in the URL to this post where the Copy & pasting from the email picked up the utf8 format.

Fake CDC email. (Source: My Online Security)

The body of the email itself tries to trick the recipient into viewing an “Instructions DOC” link so that they can protect themselves against the flu. When clicked, the link loads a Microsoft Word document that’s empty except for its “Urgent notice” heading. The document also comes with malicious macros that download GandCrab ransomware when enabled.

Unfortunately, the attack campaign is currently distributing version 5.2 of the crypto-malware. This variant is currently beyond the scope of a free decryptor developed for the ransomware.

 

Users can help protect themselves against attack campaigns such as this one by familiarizing themselves with the most common attack techniques employed by phishers. They should also back up their data on a regular basis, update their OS for known vulnerabilities and follow these additional tips to prevent a ransomware infection.

 

 

 

Source
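The two header tricks described in the article (a CDC display name on an unrelated address, and a UTF-8 subject mixing Cyrillic and Latin letters) can be checked mechanically at a mail gateway. The following is an added example, not part of the original post or of My Online Security's analysis; the sender address, the `PROTECTED_NAMES` table and the sample message are constructed for illustration.

```python
import unicodedata
from email import message_from_string, policy
from email.header import Header

# Assumption for this example: display names a gateway treats as protected,
# mapped to the domain that organisation legitimately sends from.
PROTECTED_NAMES = {"centers for disease control": "cdc.gov"}

def scripts_in(word):
    """Unicode scripts (first word of each character name) used by the letters."""
    return {unicodedata.name(ch, "UNKNOWN").split()[0] for ch in word if ch.isalpha()}

def mixed_script_words(text):
    """Words that combine Latin and Cyrillic letters (homoglyph substitution)."""
    return [w for w in text.split() if {"LATIN", "CYRILLIC"} <= scripts_in(w)]

def display_name_mismatch(from_header):
    """True if the display name claims a protected name but the domain differs."""
    if from_header is None or not from_header.addresses:
        return False
    addr = from_header.addresses[0]
    name, domain = addr.display_name.lower(), addr.domain.lower()
    for brand, expected in PROTECTED_NAMES.items():
        if brand in name and not (domain == expected or domain.endswith("." + expected)):
            return True
    return False

def analyze(raw_message):
    """Parse headers, decode RFC 2047 encoded words, and return the findings."""
    msg = message_from_string(raw_message, policy=policy.default)
    findings = []
    if display_name_mismatch(msg["From"]):
        findings.append("display-name-spoof")
    if mixed_script_words(str(msg["Subject"] or "")):
        findings.append("mixed-script-subject")
    return findings

# Constructed sample: Cyrillic U+0430 stands in for Latin "a" in two words,
# and the subject is sent as a UTF-8 encoded word, as the article describes.
SPOOFED_SUBJECT = "Flu p\u0430ndemic w\u0430rning"
SAMPLE = (
    'From: "Centers for Disease Control and Prevention" <notice@mailer.example>\n'
    f"Subject: {Header(SPOOFED_SUBJECT, 'utf-8').encode()}\n"
    "\nInstructions DOC\n"
)
CLEAN = 'From: "Newsletter" <news@mailer.example>\nSubject: Flu pandemic warning\n\nhi\n'

if __name__ == "__main__":
    print(analyze(SAMPLE), analyze(CLEAN))
```

The subject check only fires after the encoded word is decoded, which is why the example parses with `policy.default` instead of matching on the raw header bytes.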
