Phishing Emails Infect Users With MirCop Ransomware

November 5, 2021

A new phishing tactic is now used by attackers to infect unsuspecting users with the MirCop Ransomware.

In the attack, which happened in less than 15 minutes, attackers send an email with a hyperlink to a Google Drive URL to victims.

As soon as the hyperlink is clicked, an MHT file is downloaded to the computer of such a user. On the victim’s side, after downloading the file, he only sees a blurry picture of an alleged supplier list, stamped with a signature to prove its authenticity.

Unknown to the victim as soon as the MHT file is opened, a RAR archive containing a .NET malware downloader and an EXE file (uses VBS scripts to drop and execute the MirCop payload on the infected systems).

After that, this Ransomware comes alive and manifests itself through screenshots, locking files, changing the background to a zombie-themed image, and offers victims instructions on what to do next. Therefore, users are advised to be careful when handling unsolicited emails.

For more information, read the original story in Bleeping Computer.

Phishing Emails Infect Users With MirCop Ransomware

Top Stories

North Korean hackers target European drone makers amid Ukraine conflict, ESET warns

Bell makes Canada’s first space-based smartphone call, aims to launch satellite service in 2026

Cook says Apple working to bring AI to China

Rogers extends free satellite texting trial — but the question is, why?

Hackers hijack airport PA systems in Canada and U.S. to broadcast political messages

Canadian Tire reports breach affecting online shoppers

Related Articles

North Korean hackers target European drone makers amid Ukraine conflict, ESET warns

Hackers hijack airport PA systems in Canada and U.S. to broadcast political messages

Canadian Tire reports breach affecting online shoppers

LinkedIn sues ProAPIs for using one million fake accounts to scrape user data

Jim Love

Follow Us

Popular categories

Tech News Delivered