A new extortioner Trojan has been detected, impersonating Kaspersky Lab antivirus.
VirusInfo warns of the active distribution of a new type of malicious software related to the type of Trojan ransomware - Trojan-Ransom.Win32.SMSer
Currently, 6 varieties of this Trojan are circulating in the Russian sector of the Internet.
Malicious software blocks the normal operation of the PC and prompts the user to send a paid SMS message to restore functionality, which is typical behavior of Trojan ransomware. The peculiarity of this sample is that it tries to impersonate a non-existent “Kaspersky Lab's online antivirus”, which detected a certain “virus” on the user's computer and offering to “delete” it. At the same time, as can be seen from the screenshot above, the text is illiterate and contains both spelling and punctuation errors.
A detailed description of the Trojan and the method of treating an infected PC in a detailed article on Virusinfo.info - Trojan-Ransom.Win32.SMSer: extortionist posing as antivirus for Kaspersky Lab
')
Currently, 6 varieties of this Trojan are circulating in the Russian sector of the Internet.
Malicious software blocks the normal operation of the PC and prompts the user to send a paid SMS message to restore functionality, which is typical behavior of Trojan ransomware. The peculiarity of this sample is that it tries to impersonate a non-existent “Kaspersky Lab's online antivirus”, which detected a certain “virus” on the user's computer and offering to “delete” it. At the same time, as can be seen from the screenshot above, the text is illiterate and contains both spelling and punctuation errors.
A detailed description of the Trojan and the method of treating an infected PC in a detailed article on Virusinfo.info - Trojan-Ransom.Win32.SMSer: extortionist posing as antivirus for Kaspersky Lab
')
Source: https://habr.com/ru/post/65041/
All Articles