Maktub Ransomware Knows Where You Live

It's happening in the UK today, and you can expect it in America tomorrow [correction: it's already happening today]. The bad guys in Eastern Europe are often using the U.K. as their beta test area, and when a scam has been debugged, they go wide in the U.S.

So here is what's happening: victims get a phishing email that claims they owe a lot of money, and it has their correct street address in the email.  The phishing emails tell recipients that they owe money to British businesses and charities when they do not. The story appeared first on the BBC website, and spread from there. 

Blue Coat researcher Andrew Brandt announced it was the Maktub Locker ransomware strain and said: "It's incredibly fast and by the time the warning message had appeared on the screen it had already encrypted everything of value on the hard drive - it happens in seconds. 

"This is the desktop version of a smash and grab - they want a quick payoff. It also appears to be quite widespread - I've heard about it from multiple sources so it seems like they were fairly successful getting a lot of these sent out".

Maktub Locker Ransomware Payment Scale

Maktub doesn't just demand a ransom, it increases the fee - which is to be paid in bitcoins - as time elapses.

A website associated with the malware explains that during the first three days, the fee stands at 1.4 bitcoins, or approximately $580. This rises to 1.9 bitcoins, or $790, after the third day.

Now, I have been predicting this for a year or so. With the immense number of data breaches going on, and the vast databases of stolen personal information out there, it's easy to extrapolate that some bad guys would grab several databases, do an "append" and "merge-purge" exercise and start blasting highly personalized mass attacks. And here is just the beginning.

Many victims claimed their address looked very much like the way it's formatted in their eBay accounts, although eBay released a statement denying any link:

"eBay works aggressively to protect customer data and privacy, which is our highest priority.

"We are not aware of any link between this new phishing scam and eBay's data.

"We continually update our approach to customer data security in an effort to create the safest environment possible for our customers."

If you want to have a good chuckle, read the full story at the BBC, scroll down to the end and watch the video that they produced to explain what ransomware is.   :-D

If you want to prevent this type of social engineering tricking your employees, you need to step them through effective security awareness training and send them frequent simulated phishing attacks. Get a demo and see how easy it is to train and phish your end-users.


Topics: Ransomware
