logo

Fake Interpol Investigation Emails Push Ransomware at Small Businesses Globally

ID: 1b9b45f2-866a-570d-923c-0059eee5d282

STIX ID: report--1b9b45f2-866a-570d-923c-0059eee5d282

Feed Name: HackRead

Threat Score
70/100

Date Published: 2026-07-01

Date Updated: 2026-07-02

Author: Waqas

...
...

Bitdefender researchers describe a global ransomware campaign targeting small businesses via spoofed Interpol investigation emails that link to a password-protected Proton Drive archive named "archive.rar". The archive conceals an executable masquerading as a video; once executed it encrypts files and provides a ransom note instructing victims to contact attackers over Tox for negotiation. The malware appears custom and lower-scale than major ransomware families, and recipients are advised to verify unexpected investigation notices, inspect file types, and use services like VirusTotal to pre-check suspicious links or files.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.