Unscrupulous crooks behind the RansSIRIA Ransomware try to exploit attentions on Syrian refugee crisis
Researchers at MalwareHunterTeam have discovered a new strain of ransomware called RansSIRIA that encrypts victim’s files and then states it will donate the ransom to Syrian refugees.
Unscrupulous cybercriminals try to exploit every situation, even the most dramatic incidents. In the past, crooks attempted to exploits the media attention on dramatic events such as the Boston Marathon, the MH17, and the Hurricane Matthew Marathon.
Now security experts at MalwareHunterTeam have discovered a new strain of ransomware called RansSIRIA that encrypts victim’s files and then states it will donate the ransom to Syrian refugees.
According to the experts, the RansSIRIA ransomware is a variant of the WannaPeace ransomware the campaign spotted by the researchers aimed at Brazilian users.
Once the ransomware is executed, it will display a fake Word window while the malware encrypts victim’s files.
When the encryption process is completed, the ransomware will display a ransomware note containing the instructions for the payment.
The ransom note also contains a singular message to explain the ransom will be used to help Syrian refugees.
The ransom note is written in Portuguese, below the translated text was published by experts at BleepingComputer:[….]
To read the original article: