The hype around cryptocurrencies has never been higher. Bitcoin climbed more than 1,000 per cent in value last year, and other coins like Ethereum rose, too. Investors are pushing to have the chance to put their money into blockchain; and cybercriminals are well aware.
Potential buyers are urged to download a wallet to access the currency. This, in the form of an .exe file, is actually ransomware that encrypts files under the guise of downloading the blockchain that ‘SpriteCoin' is supposedly built on.
It's not only the computer that is locked; the malware also harvests the user's Chrome and Firefox browser credentials, storing them using an embedded SQLite engine. They are then sent to the attackers' Tor website using POST requests.
Victims are somewhat ironically told to pay using the Monero cryptocurrency to have their files unlocked: 0.3 Monero, currently worth about £65.
The malware stresses that users will get their files back if they pay - and of course, you can trust criminals.
Instead of their files, victims who pay instead receive fresh malware (‘W32/Generic!tr'), which could leave them even more at risk. The second programme can activate webcams, harvest certificates and parse images.
Like most ransomware, SpriteCoin is delivered through social engineering techniques, although it differs in using forum links rather than email scams.
Fortinet believes that the ransomware is not about the money, but is focused on testing new payload delivery mechanisms. "This is very similar to when attackers would test to see how effective or fast a worm would spread before really launching it. This could be the same concept," senior security researcher Tony Giandomenico told ZDNet.
Children as young as four to be taught about the dangers of social media
Bans already issued to hundreds of players who used offensive language
The site is perfectly situated for launching small satellites into orbit
Delegates at the ESOF 2018 conference were warned that their perceptions of the digital age were coloured by private industry