A malware dubbed MyloBot malware is seen sending extortion emails to victims and demanding a payment of $2,732 in digital currency. Interestingly, this malicious software has the potential to stay concealed for 14 days and then contacts the command-and-control server to execute malevolent binaries directly from memory.
This malware that was first detected in 2018 has anti-debugging capabilities and the potential to remove other malware already installed in the system or network. It acts as a spreading medium to install BlackCat Ransomware.
MyloBot spread takes place in three stages and abuses the endpoint victims with extortion messages about visiting X-rated websites, leaking videos that were captured on the PC webcam, and leaks details about recipients’ other online behaviors.
Security researchers from Minerva Labs who detected the recent activities of the malware say that the software can shut down the Windows Defender system and Windows Update processes and blocks ports connected to Windows Firewall.
The best way to avoid infections from such extortion emails is to
a.) never click on such emails after reading out the subject line.
b.) Installing malware detection tools that can sniff malicious links and software from emails will also prove helpful.
c.) Resetting the computer to start fresh might also prove as a viable option in such situations.
d.) Avoid visiting wary websites as they can act as a source to distribute malware, ransomware, botnets, and all such nasty digital things.
e.) Visiting ‘HTTPS’ websites can also help in keeping the intentions of threat actors at bay.
