Beware: Spam and Fake Invoices Install Hermes 2.1 Ransomware and AZORult

How Fake Invoices Victimize Windows PCs

A malspam campaign is currently underway in which the messages pose as invoices for an outstanding payment. After in-depth analysis, security analysts confirmed that these fake invoices can install AZORult, an information-stealing malware, and Hermes 2.1 Ransomware on affected PCs. The spam emails carry ‘Invoice Due’ subjects and present themselves as notices of an outstanding balance, with a .doc attachment.

The suspicious Word documents contain macros, and the attachments are password protected to make them much harder to detect as malicious. Once the recipient of such a fake invoice message enters “1234” as the password, they are prompted to Enable Content. Enabling the macros in the Word document, or otherwise executing the malicious script, will automatically install Hermes 2.1 Ransomware and the AZORult malware.
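The following Python check is an added example, not part of the original analysis. It flags a message that shows the lure traits described above: an ‘Invoice Due’ subject, a Word attachment, and a body that hands over a document password. It assumes the password is stated in the message body, which the article does not say; the sample messages and addresses are constructed.

```python
import re
from email import message_from_bytes, policy
from email.message import EmailMessage

OLE2_MAGIC = bytes.fromhex("D0CF11E0A1B11AE1")  # signature of legacy .doc containers
# Assumption: the lure tells the recipient the document password in the body text.
PASSWORD_HINT = re.compile(r"\bpass(word|code)\b", re.I)

def triage(raw: bytes) -> list[str]:
    """Return the traits of the fake-invoice lure found in one raw message."""
    msg = message_from_bytes(raw, policy=policy.default)
    hits = []
    if "invoice due" in str(msg.get("Subject", "")).lower():
        hits.append("subject: Invoice Due")
    body = msg.get_body(preferencelist=("plain",))
    if body is not None and PASSWORD_HINT.search(body.get_content()):
        hits.append("body: supplies a document password")
    for part in msg.iter_attachments():
        name = (part.get_filename() or "").lower()
        data = part.get_payload(decode=True) or b""
        # Match on extension or on content, so a renamed .doc is still caught.
        if name.endswith(".doc") or data.startswith(OLE2_MAGIC):
            hits.append(f"attachment: Word document ({name or 'unnamed'})")
    return hits

def build_sample(subject, text, attachment=None):
    """Build a constructed test message; nothing here is a real sample."""
    m = EmailMessage()
    m["From"] = "billing@example.invalid"
    m["To"] = "user@example.invalid"
    m["Subject"] = subject
    m.set_content(text)
    if attachment:
        # Placeholder bytes: only the OLE2 signature, not a real document.
        m.add_attachment(OLE2_MAGIC + b"\0" * 24, maintype="application",
                         subtype="msword", filename=attachment)
    return m.as_bytes()

LURE = build_sample("Invoice Due", "Outstanding balance attached. Password: 1234",
                    "invoice.doc")
BENIGN = build_sample("Lunch on Friday", "See you at noon.")

if __name__ == "__main__":
    for label, raw in (("lure", LURE), ("benign", BENIGN)):
        print(label, triage(raw))
```

A message matching all three traits is a strong candidate for quarantine; a single trait on its own, such as a .doc attachment, is common in legitimate mail.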

Hermes 2.1 Ransomware In Short

First of all, Hermes 2.1 Ransomware is installed on the PC. As soon as it successfully takes hold, it immediately starts its encryption procedure and encrypts almost all files on the PC. Like other ransomware, it affects almost all user-generated objects, including PDFs, audio or video clips, images, databases, documents and many more, and then extorts a ransom fee from affected users. The most notable thing about this ransomware is that it doesn’t alter the names of the affected files. Affected users can easily determine its presence by the ransom note named “DECRYPT_INFORMATION.html”.

Ransom Note of Hermes 2.1 Ransomware

Horrible Things That You Must Know About AZORult

AZORult is regarded as one of the most dangerous pieces of malware; it is capable of compromising a Windows PC and delivering the Aurora Ransomware to the affected machine. It harvests and exfiltrates almost all crucial data from the affected machine. According to in-depth analysis by researchers, this malware searches for all of the user’s sensitive data, including saved passwords, their name, banking account details, cookies, desktop files, the list of installed applications or programs, the list of running processes, the System name, System and network configuration details and many more. After gathering all sensitive data, it sends them to its Command & Control server. AZORult is not a new malware, but at the end of 2018 it was updated by its developers and now comes with improved stealer and downloader functionality. Such an infection has several negative consequences, so you should follow some safeguard tips to avoid its attack.

Prevention Measures To Keep Your PC Malware Free

  1. Beware of unknown attachments and fake invoices.
  2. Never open any message or attachment that appears in your inbox from untrusted sources.
  3. Don’t click on any suspicious ads or malicious links.
  4. Keep a backup copy of your installed applications or programs.
  5. Use a trusted anti-virus tool to scan your PC on a regular basis.
  6. Never use any infected devices, etc.


