Computer scammers every year aremore sophisticated and dodgy. Their latest "achievement" was the distribution of letters infected by the Troldesh ransomware virus on behalf of reputable companies, car dealers, air carriers and the media.
The Troldesh virus, also known as Shade, XTBL,Trojan.Encoder.858, Da Vinci or No_more_ransome encrypts information in the computer and extorts funds for the key to unlock the information. The company Group-IB, specializing in cybersecurity for incomplete June, has already recorded over 1.1 thousand such penetrations. At the same time, letters came on behalf of Kia and Rolf, Polar Airlines, as well as RBC and Novosibirsk-Online.
In the content of the letters sent fromfake addresses, please read the attached file, which contains commercial information. When you open these files on the computer immediately installed a virus.
The virus class Troldesh was fixed in 2015year His last mass mailing was discovered in March of the current year, then letters came from large retailers (Auchan, Magnit and PIK), banking institutions (Gazprombank and Otkritie) and construction companies.
An additional unpleasant "bonus" of the ransomware virus lately is the installation of cryptocurrency mining or traffic generation applications.