Over the past few years we have come across a huge number of malicious campaigns that can affect our computers in a wide variety of ways. Now the National Police of our country is warning about a very dangerous one that focuses on the arrival of ransomware-type malware.
We say all this because law enforcement is now alerting about a phishing campaign that is underway right now. Most dangerous of all, it targets LockBit Locker ransomware. In addition, it is also important that we take into consideration that it can reach us through email. At first it was aimed at certain companies but little by little it is spreading to all types of users. What’s more, everything was born with a campaign aimed at architecture companies, but it is spreading to all kinds of sectors.
In addition, they also warn us that this is a campaign that has a very high level of sophistication, hence precisely the danger it entails. And it is that the victims do not suspect anything of the mail that arrives until they suffer the encryption and kidnapping of their equipment. Hence, the National Police experts in cybercrime have detected that many emails are sent from the non-existent fotoprix.eu domain. Basically what is tried with this is to impersonate the identity of a photographic firm so that users click.
In order for you to be warned, say that the attackers are posing as a newly opened photography store. Through that email that reaches us, they request a renovation and development plan for some supposed works. We are also going to find an attachment in the mail, which is where the danger really lies.
Beware of these emails to avoid ransomware
In the email that we are commenting on, a file is attached that is actually a compressed file in the form of a disk image in .img format. When opened in Windows, the file is automatically mounted as a drive letter to display its contents. Victims then come across a folder containing numerous Python files, other batch files, and executables. It is at this moment that the LockBit Locker ransomware is launched to encrypt and block access to our data.
The Police places special emphasis on the high level of sophistication of these attacks in order to convince and deceive the victims. As many of you may already know, this particular type of malware blocks access to everything on our drives. In order to decrypt all of this, the attackers demand a ransom by promising an unlock key for the computer.
At this point, the best thing we can recommend is that you have a backup copy of all the content on your computer, and also updated. This type of attack based on ransomware-type malicious code does not usually end well. We tell you this because even if we pay the requested ransom, in most cases the unlock code is not provided to be able to regain control over our equipment.
Hence, it is better to take precautionary measures in order to solve the situation in the event that we become victims of these attacks.