Researchers at SophosLabs are analysing a new ransomware attack that appears to have hit computer users via a drive-by vulnerability on compromised websites.
Malicious hackers are spreading the ransomware, which encrypts media and Office files on victim’s computers, in an attempt to extort $120. In a nutshell – you can’t access your files because the malicious code has encrypted them (in our observations, the whole file isn’t encrypted – just the first 10% or so), and the hackers want you to pay the ransom if you want your valuable data back.
The attack, which Sophos detects as Troj/Ransom-U, changes your Windows desktop wallpaper to deliver the first part of the ransom message.
The main ransom demand is contained in a text file:
All your personal files (photo, documents, texts, databases, certificates, kwm-files, video) have been encrypted by…
Read more in my article on the Naked Security website.