CryptoWall and Fake Tech Support Scams Hit UK, USA - How to, Technology and PC Security Forum | SensorsTechForum.com
THREAT REMOVAL

CryptoWall and Fake Tech Support Scams Hit UK, USA

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

ransomware-file-encryptionIf you haven’t heard – we’re in the midst of a ransomware tsunami. However, disasters often come in pairs. The vicious ransomware attacks are triggered by a strong current of fake tech-support scams. The double threat is currently sweeping away victims in North America and the United Kingdom.

A Scam Website Redirects to the Nuclear EK

Symantec researchers have detected a generic tech support scam mostly affecting users in the US, UK and Canada. As expected, the scam triggers the display of intrusive pop-up windows falsely alarming users about viruses in their systems. The pop-ups redirect to scamming pages containing toll-free numbers.

One particular scam page includes an iframe which will redirect the victim to a server hosting the Nuclear exploit kit. We’ve recently reported that CryptoWall 4.0 is currently spread via Nuclear EK. This is what Symantec experts say:

We’ve recently seen many instances where attackers serve tech support scams and the Nuclear exploit kit almost simultaneously.

CVE-2015-7645 Exploited

If the target is misfortunate enough to be using outdated software prone to exploits, they are in deep trouble. Either CryptoWall (Trojan.CryptoWall) or an information-stealing Trojan (Trojan.Miuref.B) will enter their system.

The vulnerability mostly exploited in the attack scenario is identified to be CVE-2015-7645, or Adobe Flash Player Unspecified Remote Code Execution Vulnerability. However, other security flaws are also leveraged.

Learn More about Exploitation of Software Vulnerabilities:
Common Vulnerabilities and Exposures

Researchers warn that if the attack scenario proves successful, we’re going to witness another strong current of ransomware and scareware working together.

Milena Dimitrova

An inspired writer and content manager who has been with SensorsTechForum for 4 years. Enjoys ‘Mr. Robot’ and fears ‘1984’. Focused on user privacy and malware development, she strongly believes in a world where cybersecurity plays a central role. If common sense makes no sense, she will be there to take notes. Those notes may later turn into articles!

More Posts

Leave a Comment

Your email address will not be published. Required fields are marked *

Time limit is exhausted. Please reload CAPTCHA.

Share on Facebook Share
Loading...
Share on Twitter Tweet
Loading...
Share on Google Plus Share
Loading...
Share on Linkedin Share
Loading...
Share on Digg Share
Share on Reddit Share
Loading...
Share on Stumbleupon Share
Loading...