Malware can come unexpectedly... and it does for most users. Most of the time, the user has no idea that they are downloading malicious files onto their system until it's too late.
So you get an email claiming that you won a thousand dollars, or that the secret to winning the lottery has been solved, or promising good luck for the next 10 years if you read the attached content. The email tells you to hurry, lest there be others who read it first. Can't go wrong... right? Excited about what you just read, you rush to double-click the attachment in the email.
You open the attachment, and within a few seconds you get an alert saying that your computer has been infected, or your files were encrypted, and the only way to retrieve them is to fork over some money.
Malware can spread in many different ways, but one of the most common is via an email attachment.
The malware in this case has been found to be the Kovter Ad Fraud Trojan, which has recently evolved into ransomware.
Now, a new .LNK file type is being placed inside a ZIP archive. Once you double-click the .LNK file, the Kovter Trojan will enter your system and use PowerShell commands (PowerShell is a Windows-native command-line scripting engine) to avoid detection, and will encrypt your files, much to your dismay.
PowerShell commands make it easy for the ransomware to bypass your average virus scanner, since it is a fileless attack, which means it does not rely on executables of its own, but rather on cmd.exe or PowerShell to get the job done.
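Because the delivery vehicle described above is a shortcut inside a ZIP rather than an executable, a mail-side check can look for exactly that pattern. The following is an added example, not code from the original post: it lists .LNK members of a ZIP attachment and notes whether each one references PowerShell or cmd.exe. The function names, the size cap and the sample archive are assumptions made for illustration.

```python
import io
import zipfile

# Shell-link files begin with HeaderSize 0x4C followed by the link CLSID.
LNK_MAGIC = bytes.fromhex("4c0000000114020000000000c000000000000046")
INTERPRETERS = ("powershell", "cmd.exe")
MAX_READ = 1_000_000  # assumed cap so a huge member cannot exhaust memory

def mentions(data, word):
    """Case-insensitive match; strings inside a .LNK may be ASCII or UTF-16LE."""
    lowered = data.lower()
    return word.encode("ascii") in lowered or word.encode("utf-16-le") in lowered

def scan_zip_attachment(zip_bytes):
    """Return one finding per shortcut found in the archive."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            with zf.open(info) as member:
                data = member.read(MAX_READ)
            if not (info.filename.lower().endswith(".lnk") or data.startswith(LNK_MAGIC)):
                continue
            hits = [w for w in INTERPRETERS if mentions(data, w)]
            findings.append({"member": info.filename, "interpreters": hits})
    return findings

def build_sample_zip():
    """Constructed input: a fake shortcut plus a harmless text file."""
    target = r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe"
    fake_lnk = LNK_MAGIC + b"\x00" * 56 + target.encode("utf-16-le")
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("Delivery-Details.lnk", fake_lnk)
        zf.writestr("readme.txt", "hello")
    return buf.getvalue()

if __name__ == "__main__":
    for f in scan_zip_attachment(build_sample_zip()):
        print(f["member"], "references", f["interpreters"] or "no known interpreter")
```

A hit is a reason to hold the message for review, not proof of Kovter, since legitimate shortcuts can also point at cmd.exe or PowerShell.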
To learn more about this new threat, click here.
Already have (or suspect you have) a Kovter Trojan on your machine? Removal is tricky, and should only be attempted if you are familiar with using virus scanning and removal programs. Please read the guide by bleepingcomputer.com here or contact Azuretech.
Online Resources:
File and URL scanner: VirusTotal