There is some alarming news that you need to know as Valentine’s Day draws near. Hackers across the world are trying to find ways to exploit this special day. The latest research by the Emerging Threats team at Proofpoint, a security company, uncovered the trend. The team also detected an extensive malspam campaign, which they have dubbed “The Love Letter Campaign.”
This campaign relies on common social engineering techniques and attention-grabbing email subject lines such as:
- I love you
- My letter just for you
- Wrote this letter for you
- Just for you!
- This is my love letter to you
- My love letter for you
- Wrote a fantasy about us
- Fell in love with you
- Always thinking about you!
To be honest, everyone likes to receive love letters, and hackers know this very well. That is why an alarming percentage of people who receive “love letters” such as these end up clicking on the attachment, commonly in the form of a PDF, to download and open the file.
The problem is that when they do, it triggers a malicious JavaScript file that downloads "krablin.exe" and then executes it. The results are unfavorable. The device used to open the file will be infected with several types of malware, including a cryptojacking miner known as Monero XMRig Miner, the GandCrab ransomware, and a copy of the Phorpiex spambot. The victim’s files will then be locked by the ransomware and can only be accessed once he or she pays in Bitcoin.
This is a thorny problem. Many people expect an attack to install only one kind of malware. So there is a strong possibility that when the victim agrees to pay the ransom to regain access to his or her files, all of the attention will be on the ransomware and on removing its traces. The other two pieces of malware installed on the device will then continue to run unnoticed, which benefits the hackers even more.
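An added example, not part of the original article or Proofpoint's research: a small Python triage filter that matches incoming mail against the subject lines listed above and checks whether a file is attached. The verdict names, the `triage` and `build_sample` helpers and the sample messages are assumptions made for illustration.

```python
# Added example (not from the article): triage mail by the lure subjects above.
import email
import re
from email import policy
from email.message import EmailMessage

# Subject lines exactly as listed in the article.
CAMPAIGN_SUBJECTS = [
    "I love you", "My letter just for you", "Wrote this letter for you",
    "Just for you!", "This is my love letter to you", "My love letter for you",
    "Wrote a fantasy about us", "Fell in love with you",
    "Always thinking about you!",
]

def normalise(subject):
    """Casefold, drop Re:/Fwd: prefixes and punctuation, squeeze whitespace."""
    s = re.sub(r"^\s*((re|fw|fwd)\s*:\s*)+", "", subject.casefold())
    return " ".join(re.sub(r"[^\w\s]", "", s).split())

KNOWN = {normalise(s) for s in CAMPAIGN_SUBJECTS}

def triage(raw_message):
    """Return (verdict, attachment_names) for one raw message (bytes)."""
    msg = email.message_from_bytes(raw_message, policy=policy.default)
    subject = normalise(str(msg["Subject"] or ""))  # encoded-words are decoded
    names = [p.get_filename() or "(unnamed)" for p in msg.iter_attachments()]
    if subject not in KNOWN:
        return "pass", names
    # A lure subject with a file to open matches the pattern described above.
    return ("quarantine" if names else "review"), names

def build_sample(subject, attachment=None):
    """Constructed test message; addresses, body and file names are made up."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = "a@example.com", "b@example.org", subject
    m.set_content("Open the attached file.")
    if attachment:
        m.add_attachment(b"%PDF-1.4 placeholder", maintype="application",
                         subtype="pdf", filename=attachment)
    return m.as_bytes()

if __name__ == "__main__":
    for subj, att in [("RE: I Love You!!", "letter.pdf"),
                      ("My love letter for you", None),
                      ("Quarterly report", "q3.pdf")]:
        print(subj, "->", triage(build_sample(subj, att)))
```

Exact subject matching only catches the lures listed here, so treat a hit as a lead rather than a complete filter. Per the article, a device that opened the file should be checked for the miner and the spambot as well as the ransomware.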
Even though the “love letter” campaign does not appear to be all that dangerous, it is actually a dark and serious matter. Be careful, and don’t forget to inform your employees about it.