Phishing Emails Infect Users With MirCop Ransomware

November 5, 2021

A new phishing tactic is now used by attackers to infect unsuspecting users with the MirCop Ransomware.

In the attack, which happened in less than 15 minutes, attackers send an email with a hyperlink to a Google Drive URL to victims.

As soon as the hyperlink is clicked, an MHT file is downloaded to the computer of such a user. On the victim’s side, after downloading the file, he only sees a blurry picture of an alleged supplier list, stamped with a signature to prove its authenticity.

Unknown to the victim as soon as the MHT file is opened, a RAR archive containing a .NET malware downloader and an EXE file (uses VBS scripts to drop and execute the MirCop payload on the infected systems).

After that, this Ransomware comes alive and manifests itself through screenshots, locking files, changing the background to a zombie-themed image, and offers victims instructions on what to do next. Therefore, users are advised to be careful when handling unsolicited emails.

For more information, read the original story in Bleeping Computer.

Phishing Emails Infect Users With MirCop Ransomware

Top Stories

Malicious browser extensions are harvesting ChatGPT conversations at massive scale

10 game-changing technology unveiled at CES 2026 so far

Canadian fugitive connected to Desjardins data breach arrested in Spain

SaaStr founder says human sales roles have been replaced by AI agents

AI tool is flagging pancreatic cancer early in China

Top 10 predictions for information technology developments in 2026

Related Articles

Over 59,000 Next.js servers hacked in 48 hours in credential-theft campaign

NIST warns of inaccurate internet time after atomic clock disruption

Critical LangChain flaw exposes secrets across millions of AI agent deployments

Facial recognition becomes mandatory for new mobile accounts in South Korea

TND News Desk

TND News Desk

Jim Love

Follow Us

Popular categories

Tech News Delivered