A new bitcoin scam that promises to earn you $15-45 Bitcoin in a day, for free and automatically, instead installs ransomware or info-stealer malware on the victim’s computer.
The big picture
An independent malware hunter who goes by the name ‘Frost’ has uncovered the scam, which has been promoted via several sites. The scam promises to earn you Ethereum by referring other people to their site.
Marozka Tear Ransomware
When Frost initially analyzed this scam, the malicious payload was found to be ‘Marozka Tear’ ransomware.
“All your information (documents, databases, backups and other files) this computer was encrypted using the most cryptographic algorithms.
All encrypted files are formatted .Crypted.
This form files '.Crypted' is a joint development American Hackers.
You can only recover files using a decryptor and password, which, in turn, only we know.
It is impossible to pick it up.
Reinstalling the OS will not change anything.
No system administrator in the world can solve this problem without knowing the password
In no case do not modify the files! But if you want, then make a backup.
Drop us an email at the address india2lock@gmail.com
You have 48 hours left. If they are not decrypted then after 48 hours they will be removed!!!,” the ransom note read, BleepingComputer reported.
Baldr Trojan
Frost noted that the scam now pushes the info-stealer malware ‘Baldr’, which currently has 32/70 detections at VirusTotal.
This info-stealer malware attempts to steal login credentials for all the sites visited, take screenshots, retrieve browser history, and steal files and cryptocurrency wallets.