Duplicate copyright emails used to install lockbeat ransomware


Lockbeat ransomware is a type of malicious software that aims to block users’ access to computer systems in exchange for ransom.

LockBit works by automatically scanning a network in search of tempting targets and then spreading the virus across the system and encrypting any accessible computer system. This ransomware is used in attacks that are very well targeted against companies and other organizations.

What happened?

The collaborators of LockBit ransomware are using a clever ploy to trick people into infecting their devices with malware under the guise of copyright claims. This technique is called social engineering.

Social engineering is a term that first appeared in the social sciences, somewhat similar to the direct intervention of scientists in human society. The term ‘social engineer’ was first coined by Van Marken in 1894, to convey the idea that professionals were needed to manage human problems. Just as you cannot solve technical problems without proper skills training, you cannot solve social problems without similar skills.

People who receive these emails are being warned about copyright infringement for using media files without the original author’s permission. Recipients of these emails are threatened with legal action if they do not delete information deemed infringing on their website.

As Blipping computer In the report, researchers at Ahnlab in Korea discovered emails that did not identify which files in the body of the message were used inappropriately; Instead, they instruct the receiver to download and open the attached file to see the infringing material.


The attachment is a zip file encrypted with a password and contains a compressed file. The compressed file contains an executable that looks like a PDF document but is actually an NSIS installation.

The purpose of this wrap and password protection is to hide malicious code from email security technology so that it can be downloaded without detection.

Lockbeat 2.0 will run on a ransomware device and will begin encrypting data as soon as it downloads a fake “PDF” that claims to provide information about which image is being used without the victim’s permission.

While the use of allegations of copyright infringement is notable, it is not innovative or exclusive for LockBit members because many other virus distribution efforts employ the same bait.

How can Heimdal help?

In the fight against ransomware, Heimdal Security is providing its clients with an excellent integrated cyber security suite that includes ransomware encryption protection modules. This module is completely signature-free and universally compatible with all antivirus solutions, and it ensures superior detection and fixation of any type of ransomware, whether fileless or file-based (including the latest locks).

If you liked this article, follow us LinkedIn, Twitter, Facebook, YouTubeAnd Instagram For more cyber security news and topics.

Source link