The outrageous attack combination of ransomware, claims to donate to charity, and even details of children’s names, diagnoses, and pictures proves there is no low cybercriminals won’t go to in the name of money.
Ransomware protection and detection has improved over the years. So, cybercriminals are constantly looking for new ways to ensure payment. This latest version is downright revolting.
The CryptoMix ransomware has resurfaced, according to a recent blog at Ransomware Incident Response vendor CoveWare. With each infection, the message goes beyond just asking for bitcoin, but instead attempts to compel victims to pay the ransom with the claim that the money will go to a fictitious charity.
Throughout the entire payment process, the cybercriminals keep up the “it’s all for the kids” act, reinforcing the story with profiles of supposed children that will be helped.
My favorite part is how they sum up the profile with a total amount that has already been “contributed” (oh, how noble of them!):
The ruse is maintained to the bitter end, with their “Thank You” email (sent upon payment of the ransom) includes the notion that your name will be shared as the person that provided the aid.
Stealing money from others is already despicable. But using the idea of children with cancer as the motivation for ransom payment is just sickening. This form of social engineering is easily spotted and likely does little to motivate its victims.
We recommend EVERYONE to review the 22 social engineering red flags to watch out for in any email. It might be a good idea to print out this PDF and pass it along to family, friends, and coworkers. Remember to always think before you click!