ALERT - Mass ransomware spamming event targeting UK computer users

 

15 November 2013

The NCA's National Cyber Crime Unit are aware of a mass email spamming event that is ongoing, where people are receiving emails that appear to be from banks and other financial institutions.

The emails may be sent out to tens of millions of UK customers, but appear to be targeting small and medium businesses in particular. This spamming event is assessed as a significant risk.

The emails carry an attachment that appears to be correspondence linked to the email message (for example, a voicemail, fax, details of a suspicious transaction or invoices for payment). This file is in fact a malware that can install Cryptolocker – which is a piece of ransomware

Cryptolocker works by encrypting the user’s files on the infected machine and the local network it is attached to.

Once encrypted, the computer will display a splash screen with a count down timer and a demand for the payment of 2 Bitcoins in ransom (Approx £536 as at 15/11/2013) for the decryption key.

The NCA would never endorse the payment of a ransom to criminals and there is no guarantee that they would honour the payments in any event.

Lee Miles, Deputy Head of the NCCU says "The NCA are actively pursuing organised crime groups committing this type of crime. We are working in cooperation with industry and international partners to identify and bring to justice those responsible and reduce the risk to the public."

An NCCU investigation is ongoing to identify the source of the email addresses used. Anyone who is infected with this malware should report it via Action Fraud

Sound advice can be found at GetSafeOnline

Advice: This is a case where prevention is better than cure.