Trojan.Ransomlock!gen4
The Trojan.Ransomlock!gen4 Trojan and the Death of Muammar Gadhaffi
One would normally not associate a malware infection such as the Trojan.Ransomlock!gen4 Trojan with the death of a Libyan dictator. However, ESG PC security researchers have issued a warning against the many online scams and frauds associated with Muammar Gadhaffi's death. The same is true for any major news event; computer criminals will take advantage of the death of any major celebrity to send out spam emails attempting to scam the gullible and inexperienced. In 2011 alone, there were many examples of online scams associated with the death of Steve Jobs and Amy Winehouse. The death of Libyan dictator Muammar Gadhaffi is no exception. Various kinds of spam emails have been detected containing alleged news of Muammar Gadhaffi's death and brutal execution or most commonly, pictures and videos of his death. One particular version of this scam, targeting computer users in Brazil (a country that is quickly rising to the highest place on the list of countries involved in computer scams of various kinds) has been reported to contain the Trojan.Ransomlock!gen4 Trojan in the form of an email attachment of an embedded link.
Characteristics of the Trojan.Ransomlock!gen4 Trojan Email
Characteristics of the Trojan.Ransomlock!gen4 Trojan Email
ESG PC security researchers point out that the following download links were seen in the emails containing the Trojan.Ransomlock!gen4 Trojan:
noticias.removed(dot)co(dot)kr/folha/cotidiano/ult95u735971/videos/ult95u735937.php?0.71507
noticias.removed(dot)co(dot)kr/folha/cotidiano/ult95u735971/videos/ult95u735937.php?0.01323
noticias.removed(dot)co(dot)kr/folha/cotidiano/ult95u735971/videos/ult95u735937.php?0.06826
These emails contained the following subject, written in Portuguese:
Novo video nao divulgado por ter imagens fortes mostra Kadhafi pedindo misericordia de joelhos e seus guardas sendo executados.
which reportedly can be translated as :
New video not released because it contains strong images showing Gadhaffi asking for mercy on his knees and his guards being executed.
Videos and pictures of Ghaddafi's death have been widely available on reputable news websites and networks. It is important to understand that there is no reason why it would be a good idea to receive this news from unsolicited emails. Even if the email appears to come from a legitimate source, ESG PC security researchers strongly recommend against opening email attachments or embedded links contained in unsolicited emails. Spoofing the layout for a legitimate news source is not a difficult thing to do. In fact, an online scam very similar to the Trojan.Ransomlock!gen4 Trojan scam (but targeting Spanish speakers rather than Brazilians) attempted to distribute a malware threat similar to the Trojan.Ransomlock!gen4 Trojan through a spam email appearing to come from CNN.
SpyHunter Detects & Remove Trojan.Ransomlock!gen4
File System Details
| # | File Name | MD5 |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|---|
| 1. | file.exe | c7d2f52e65230f31fab086d607bf86fd | 0 |
| 2. | file.exe | 1537605d30a16ad517a5a1d38850e020 | 0 |
| 3. | file.exe | 3c4cb6a9788425f925ac83a1c22679bf | 0 |
| 4. | file.exe | 4995ececfe3ae4d11811937fb8ab6442 | 0 |
| 5. | file.exe | 8e54e1114970a8d84c7829b51c940602 | 0 |
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.