Ransomware is a piece of software that has attacked people and tried to put the hostages computers to compel their owners to pay the ransom.
A new variant is out there: Maktub Locker.
This new variant of ransomware starts to capture the attention of the victim through an email that apparently is innocent and trustworthy. The point of having even a legitimate address. The subject, to get the user’s attention, must be either disturbing or exciting, the tactic is currently being warning to alert the victim, so the trick are the warnings of authorities issuing overdue invoices alerts.
The email usually contains a request for payment of such invoice in arrears. What differentiates this from other ransomware that we know is that this seems to have an idea of where the victim lives, it includes your address within the message.
Additionally, the message contains a link that supposedly opens a printable version of that document. Clicking on the link will download what looks like a Word document. The file will open, but it is here that starts the user’s headache as it is at this point that, without realizing it, begins in the background software to encrypt all your computer files.
Since the encryption is done, the program will require the user to log out, it will fire a message stating that all your personal files were encrypted. a timer is then displayed, indicating how long a victim has to pay the ransom. The payment begins at 1.4 Bitcoins (about 515 euros), and increases as time passes.
Another striking feature of the program is that it does not need an Internet connection to encrypt the files. It also spreads the victim’s files, similar to CryptoWall, in order to hide the files and cause more confusion to the user, even create panic.