HomeMalware & ThreatsRansomware innovation includes hiding in websites during file uploads

Ransomware innovation includes hiding in websites during file uploads

Published on

spot_img

In recent times, the landscape of malware attacks has seen a shift towards a new breed of ransomware that locks users from uploading files to websites, as revealed by researchers at FIU Cybersecurity. This disturbing trend involves certain websites enticing users to grant access to their files, only to deploy ransomware payloads upon permission.

The study conducted by the FIU College of Engineering and Computing has shed light on how attackers are demanding cryptocurrency in exchange for decryption keys. This ransomware variant is sophisticated and can operate across multiple platforms including Linux, Windows, and Mac OS. It can even infiltrate popular cloud storage services such as Google Drive, OneDrive, Dropbox, Apple Cloud, and BOX.

What makes these attacks particularly concerning is how the payload is triggered – often initiated when users click “YES” on a pop-up prompt. Antivirus solutions are often unable to detect these activities due to browsers’ inherent file access permissions, leaving users vulnerable to malware downloads onto websites.

This emerging threat poses a significant risk to users, especially during tax season when hackers capitalize on the opportunity to deceive individuals into divulging sensitive information or making payments to fraudulent services. Fake websites are created to trick users into surrendering their credentials, making them easy targets for future exploitation.

To protect themselves from such threats, users are advised to exercise caution when granting permissions to browser-enabled activities and avoid clicking on email links from unknown senders, as they could be phishing attempts. It is also important to refrain from disclosing sensitive information on suspicious web pages lacking HTTPS protocol and to always access services and products through official sources. Additionally, caution should be practiced when downloading attachments from unfamiliar email or SMS senders, as they may contain malicious content.

As the cybersecurity landscape continues to evolve, it is crucial for individuals to stay informed about potential threats and take proactive measures to safeguard their personal information and digital assets. By remaining vigilant and adopting best practices for online security, users can reduce their risk of falling victim to ransomware attacks and other malicious activities.

Source link

Latest articles

Attackers Abuse Google Ad Feature to Target Slack, Notion Users

 Attackers are once again abusing Google Ads to target people with info-stealing malware, this time...

Hackers allege to have infiltrated computer network of Israeli nuclear facility

An Iran-linked hacking group has declared that they successfully breached the computer network of...

Hacker allegedly uses white-hat approach to exploit crypto game for $4.6M

In a surprising turn of events, the food-themed crypto game Super Sushi Samurai fell...

Reducing Threats from the IABs Market

As ransomware attacks continue to escalate in frequency and severity, one of the key...

More like this

Attackers Abuse Google Ad Feature to Target Slack, Notion Users

 Attackers are once again abusing Google Ads to target people with info-stealing malware, this time...

Hackers allege to have infiltrated computer network of Israeli nuclear facility

An Iran-linked hacking group has declared that they successfully breached the computer network of...

Hacker allegedly uses white-hat approach to exploit crypto game for $4.6M

In a surprising turn of events, the food-themed crypto game Super Sushi Samurai fell...
en_USEnglish