Phishing Emails Infect Users With MirCop Ransomware

November 5, 2021

A new phishing tactic is now used by attackers to infect unsuspecting users with the MirCop Ransomware.

In the attack, which happened in less than 15 minutes, attackers send an email with a hyperlink to a Google Drive URL to victims.

As soon as the hyperlink is clicked, an MHT file is downloaded to the computer of such a user. On the victim’s side, after downloading the file, he only sees a blurry picture of an alleged supplier list, stamped with a signature to prove its authenticity.

Unknown to the victim as soon as the MHT file is opened, a RAR archive containing a .NET malware downloader and an EXE file (uses VBS scripts to drop and execute the MirCop payload on the infected systems).

After that, this Ransomware comes alive and manifests itself through screenshots, locking files, changing the background to a zombie-themed image, and offers victims instructions on what to do next. Therefore, users are advised to be careful when handling unsolicited emails.

For more information, read the original story in Bleeping Computer.

Phishing Emails Infect Users With MirCop Ransomware

Top Stories

Oracle begins mass layoffs to fund $156 billion AI infrastructure push

OpenAI brings in Smartly to shape how ads work inside ChatGPT

Quantum breakthrough researchers cut required qubits from millions to thousands

Anthropic coding tool exposes full source code again after packaging error

Cisco breach exposes 300+ repos after supply chain attack

OpenAI cuts Sora with $1M-a-day costs to free up resources for core AI models

Related Articles

Anthropic coding tool exposes full source code again after packaging error

Cisco breach exposes 300+ repos after supply chain attack

New Google update targets sensitive data exposure in search results

GitHub Copilot to train on user data by default

TND News Desk

TND News Desk

Jim Love

Follow Us

Popular categories

Tech News Delivered