In just 24 hours, an aggressive ransomware campaign has targeted many through fake Herbalife or file delivery emails.
This is a new ransomware threat targeting 2 million email addresses per hour. This spam-based threat is targeting users via a fake Herbalife or generic email.
This threat appears to be a Locky variant and was initially seen in Vietnam. However, it is rapidly expanding into other parts of the world, with 20 million attacks having been seen within the past 24 hours.
"There have been approximately 6,000 fingerprints, which tells us that these attacks are being automatically generated using a template that randomizes parts of the files," the post said. "The names of payload files and the domains used for downloading secondary payloads have been changing in order to stay ahead anti-virus engines."
The crazy thing about this attack is the Researchers determined that the attackers are using a single identifier, meaning that victims who pay the ransom won't have their files decrypted.