A ransomware variant which has been relatively inactive for almost two years is back, and this time it’s stealing user credentials from victims in addition to demanding a ransom to unencrypt locked files. TorrentLocker — also known as Cryptolocker — started targeting Windows users in 2014 before dropping off by the summer of 2015. Like the majority of ransomware schemes, TorrentLocker spreads via spam email messages containing malicious attachments. This revived TorrentLocker campaign sees targets sent an email labelled as ‘high importance’, within which is the malicious attachment in the form of a Word document with embedded macros.
View full story
ORIGINAL SOURCE: ZDNet