Incident Response, Malware, TDR

New ransomware named ‘CryptoLocker’ being spread via phishing emails

Although the Justice Department announced in July that the Cryptolocker threat had been neutralized, new ransomware with the same name and a low detection rate on VirusTotal is being delivered via emails purporting to come from the State Debt and Recovery Office in Australia.

The email claims that the recipient was caught driving in excess of the speed limit and must pay a fine, according to a Thursday post by Barracuda Labs.

Clicking on the ‘Invoice' or ‘View Camera Images' buttons within the email will direct to a webpage that instructs recipients to input a CAPTCHA to download a penalty notice, the post indicates. Doing so will result in all files on the computer being encrypted by 'CryptoLocker' until a ransom is paid.

This threat does not appear to be tied to the original Cryptolocker, according to the post.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.