A version of the Petya ransomware dubbed GoldenEye is targeting human resources (HR) departments with fake job applications infected with malware.
GoldenEye has been around for some time, but security firm Check Point notes that it has recently turned its attention to HR staffers that frequently open emails from unknown sources.
The campaign, which is targeting HR employees in Germany, lures victims in with a legitimate looking job application. There are two files attached to the email: a PDF containing a cover letter which has no malicious content and its primary purpose is to lull the victim into a false sense of security, and an Excel file with malicious macros unbeknown to the receiver.
The latter contains a picture of a flower with the word "Loading…" underneath, and a text in German asking the victim to enable content so that the macros can run.
"When a user When a user clicks "Enable Content", the code inside the macro executes and initiates the process of encrypting the files, denying the victim access to his or her files," Check Point explains.
"GoldenEye then appends a random 8-character extension to each encrypted file. After all the files are encrypted, GoldenEye presents the ransom note: "YOUR_FILES_ARE_ENCRYPTED.TXT" After displaying the ransom note, GoldenEye forces a reboot and starts encrypting the disk.
"This action makes it impossible to access any files on the hard disk. While the disk undergoes encryption, the victim sees a fake "chkdsk" screen, as in previous Petya variants."
From here, users are presented with a ransom note - the same seen in previous Petya campaigns but with a new gold colour scheme (above). The victim is presented with a "personal decryption code", which can enter be in a Dark Web portal in order to pay the ransom.
The current ransom demanded by GoldenEye begins at 1.3 BitCoins (BTC), which works out at approximately $1,000 (around £810).
US space agency believes the crater could have preserved ancient organic molecules from the water that flowed there billions of years ago
Valve quietly closes down hardware initiatives launched following Windows 8
Scientists create a virtual reality simulation of a black hole sitting at the centre of the Milky Way
Simulations like this can help people understand complicated systems in the universe in a better way
The most luminous galaxy ever discovered is cannibalising at least three of its smaller neighbours, study finds
The galaxy radiates at 350 trillion times the luminosity of the Sun