Recently, extortionate software has been gaining more and more popularity among cyber criminals, and almost every week, there is a new Trojan cipher.
While some use extortionate software to enrich at the expense of innocent victims, others use it to extract funds for charity.
Trojan-Extortionist CyptMix Demands Money To Help Children
Experts from the Heimdal Security company, which protects users and companies from cyber-criminal actions by keeping confidential information and intellectual property safe, have discovered a new Trojan-cipher CyptMix, which attracts victims to pay for a good cause and tells them to think to have the opportunity to help the children.
This new strain of malware is spread through spam emails and drive-by attacks. However, it is the first time that experts have seen this kind of Psychological manipulation in ransomware-based attacks. Still, most likely, the loud statements are the only way to the psychological impact on the victim.
The ransom note was sent to the victims of the CyptMix ransomware “Your money will be spent for the children’s charity.
So that means that You will get a participation in this process too. Many children will receive presents and medical help! And We trust that you are a kind and honest person! Thank You very much! We wish You all the best! Your name will be on the main donor’s list and stay in the charity history!”.
As we mentioned earlier that CyptMix spreads via phishing emails and attacks drive-by. Hence, it encrypts all the files on the infected system. Then the extortionist demands a ransom for their restoration in the amount of bitcoins 5 (about $ 2,200), which is an unusually large sum for Trojan cipher.
The malware was written based on open source, a variant of CryptoWall 4 with components CryptXXX.
However, the malware authors also fixed the vulnerability that allowed the “Kaspersky Lab” to create a tool to recover the encrypted files from CryptXXX.