Attackers Sending Out Fake CDC Flu Warnings to Distribute GandCrab
Digital attackers are sending out fake flu warnings that appear to come from the U.S. Center for Disease Control (CDC) in order to distribute GandCrab ransomware.
An attack starts when a user receives a fake CDC email. The sender field claims that the email came from “Centers for Disease Control and Prevention.” But a closer look reveals the sender to actually be “[email protected],” an email address that has nothing to do with the CDC.
That’s not the end of the attack campaign’s mischief. The email’s subject line of “Flu pandemic warning” also has something to hide. As explained by My Online Security:
To confuse the issue even more the subject line was written in what looks like a mix of cyrillic & western characters & encoded in UTF8 format so a computer will automatically translate / decode it. When I first tried to post this, I got a garbled mess of characters in the url to this post where the Copy & pasting from the email picked up the utf8 format.
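The two header tricks described above, a trusted display name over an unrelated address and a subject line mixing Cyrillic and Latin letters, can be checked mechanically on the receiving side. This is an added example, not code from the article or from My Online Security; the sample message, the placeholder sender address, and the `brand` and `trusted_domain` parameters are constructed assumptions.

```python
import unicodedata
from email import message_from_string
from email.header import Header, decode_header, make_header
from email.utils import parseaddr

def decoded(value):
    """Decode RFC 2047 encoded-words (=?utf-8?b?...?=) into plain text."""
    return str(make_header(decode_header(value or "")))

def scripts_in(word):
    """Scripts of the letters in a word, taken from Unicode character names."""
    return {unicodedata.name(c, "UNKNOWN").split()[0] for c in word if c.isalpha()}

def check_headers(raw, brand="disease control", trusted_domain="cdc.gov"):
    """Flag a brand display name on a foreign domain and mixed-script subject words."""
    msg = message_from_string(raw)
    display, addr = parseaddr(decoded(msg["From"]))
    domain = addr.rpartition("@")[2].lower()
    # Assumption: mail that names the brand should come from trusted_domain or a subdomain.
    trusted = domain == trusted_domain or domain.endswith("." + trusted_domain)
    subject = decoded(msg["Subject"])
    return {
        "sender_domain": domain,
        "brand_mismatch": brand in display.lower() and not trusted,
        "mixed_script_words": [w for w in subject.split() if len(scripts_in(w)) > 1],
    }

# Constructed sample: placeholder sender address, and a subject in which the
# Latin "a" is replaced by Cyrillic U+0430, sent as a UTF-8 encoded-word.
SAMPLE = (
    'From: "Centers for Disease Control and Prevention" <sender@mail.example.net>\n'
    "Subject: " + Header("Flu p\u0430ndemic w\u0430rning", "utf-8").encode() + "\n"
    "\n"
    "Constructed body.\n"
)

if __name__ == "__main__":
    print(check_headers(SAMPLE))
```
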
The body of the email itself tries to trick the recipient into viewing an “Instructions DOC” link so that they can protect themselves against the flu. When clicked, the link loads a Microsoft Word document that’s empty except for its “Urgent notice” heading. The document also comes with malicious macros that download GandCrab ransomware when enabled.
Unfortunately, the attack campaign is currently distributing version 5.2 of the crypto-malware. This variant is currently beyond the scope of a free decryptor developed for the ransomware.
Users can help protect themselves against attack campaigns such as this one by familiarizing themselves with the most common attack techniques employed by phishers. They should also back up their data regularly, update their OS for known vulnerabilities and follow these additional tips to prevent a ransomware infection.