Fake Interpol Investigation Emails Push Ransomware at Small Businesses Globally
ID: 1b9b45f2-866a-570d-923c-0059eee5d282
STIX ID: report--1b9b45f2-866a-570d-923c-0059eee5d282
Feed Name: HackRead
Bitdefender researchers describe a global ransomware campaign targeting small businesses via spoofed Interpol investigation emails that link to a password-protected Proton Drive archive named "archive.rar". The archive conceals an executable masquerading as a video; once executed it encrypts files and provides a ransom note instructing victims to contact attackers over Tox for negotiation. The malware appears custom and lower-scale than major ransomware families, and recipients are advised to verify unexpected investigation notices, inspect file types, and use services like VirusTotal to pre-check suspicious links or files.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
