CryptoMix Ransomware Uses Fake Children’s Charity Scheme in Cyber Attack

CryptoMix Ransomware Uses Fake Children’s Charity Scheme in Cyber Attack

There’s a new strain of ransomware going around to entice victims into paying ransom. It’s called CryptoMix, and it utilizes a fictitious charity scheme that promises its victims they are helping a good cause.

The ransomware was discovered by cybersecurity news source CoveWare. In an effort to portray legitimacy, the ransomware note includes fake names, photos of young children from crowdfunding sources, and a diagnosis of the child “in need”. Infection by CryptoMix begins with a .txt file that notifies its victims that their files have been encrypted. Afterwards, email communications follow, in which the ransomware distributor notifies the user that their payment to decrypt files will ultimately help support a children’s charity community (see image below).

 Source: Coveware

Source: Coveware

The ransomware distributor directs its victim to go to visit a Onetime Secret page that asks for bitcoin payment towards the “International Children Charity Organisation”, noting how the user’s contribution will not only allow for restoration of their data, but will also assist their “main goal” of providing “many children [with] presents and medical help”. The description is likely meant to sway the well-known warning that ransom payments further help the hacker continue this act of crime, although the message shown obviously looks fabricated.

Source: Coveware

Source: Coveware

After payment is successfully transferred, the hacker notifies its victim that their donation will be personally recognized in their donor list.

CoveWare recommends that in the instance of a CryptoMix infection, it’s best to utilize Avast’s decryption software. To prevent any such ransomware infection before it could possibly occur, always keep your computer software updated to shield your device from open vulnerabilities, and to keep your files safe, always use a backup and storage solution like reevert. Reevert provides reliable storage capabilities of hourly data snapshots, physical and virtual server backups within the cloud, and instantaneous data restoration that happens within seconds so your business is up and running in the event of a major ransomware attack.

To find out more on how to protect your data, please visit our website at www.reevert.com.

Try Us

Free Trial    Watch Demo

 

For a hassle free 30 day trial, click the "Free Trial" button, download and deploy a copy of the appliance. No Credit Card required.