May 22, 2019

May 21, 2019

Subscribe to Latest Legal News and Analysis

May 20, 2019

Subscribe to Latest Legal News and Analysis

New Ransomware Campaign Socks Victims with One-Two Punch

Cybercriminals have launched a new campaign that not only requires the victim to pay a ransom to have their data decrypted, but when the victim is directed to a PayPal account to pay the ransom to get the decryption key to unlock the data, the PayPal account page is fake and when the victim lands on the fake page, the criminals steal their account login credentials. On top of that, when the victim puts the credit card information in the fake account page to pay the ransom, the cybercriminals then steal the credit card information.

The fake PayPal site after http:// is[.]php, which is clearly fake and should be identifiable as a fake web page, but apparently it has duped many victims.

The ransomware campaign was discovered by MalwareHunterTeam. It is unknown whether the victims get the decryption key after the one-two punch, but it seems unlikely with this evil scheme.

Copyright © 2019 Robinson & Cole LLP. All rights reserved.


About this Author

Linn F. Freedman, Robinson Cole Law Firm, Cybersecurity and Litigation Law Attorney, Providence

Linn Freedman practices in data privacy and security law, cybersecurity, and complex litigation. She provides guidance on data privacy and cybersecurity compliance to a full range of public and private clients across all industries, such as construction, education, health care, insurance, manufacturing, real estate, utilities and critical infrastructure, marine, and charitable organizations. Linn is a member of the firm's Business Litigation Group and chairs its Data Privacy + Cybersecurity Team. She is also a member of the Financial Services Cyber-Compliance Team (CyFi ...