LockBit affiliates mask ransomware as copyright claims, tricking victims into downloading the malware on their devices.
Threat actors are not short of novel ways to trick victims. Researchers at AhnLab, an information security firm, spotted threat actors distributing malware via phishing emails disguised as copyright claims.
According to the report, LockBit affiliates disguise the ransomware to include names of illustrators and designers. Seeing a familiar name tricks some victims into clicking on the attachment without thinking twice.
Phishing emails have a compressed file attached that contains another file compressed inside. Once victims open the file, an executable disguised as a PDF is opened, releasing the malware into the system.
Report’s authors spotted phishing emails with fake copyright claims circulating in South Korea.
Pundits dubbed the LockBit 2.0 ransomware the most prolific strain of malware currently floating in the wild, responsible for nearly four in ten attacks observed.
People behind the group have recently gone out of their way to distance themselves from affiliations with Russia-based cyber gangs. Threat actors even pulled a media stunt to get their message across.
The success of LockBit 2.0 will likely continue as it has recently officially released the third generation of ransomware strains. According to a security research group VX-Underground, LockBit even offers a bug bounty program, often associated with large software companies.
More from Cybernews:
Subscribe to our newsletter