Fake Copyright Infringement Emails Used To Spread Malware

Hackers found a new way to slip malware past your defenses.  Researchers around the world have spotted a curious new campaign designed to scare victims by sending them emails warning of copyright infringement.

The email begins by warning that the recipient’s website is hosting copyright-protected content and threatens legal action if the offending material isn’t removed immediately.

The red flag here is that rather than simply spelling out what materials are copyright protected in the body of the email, the attackers include a ZIP protected archive file which supposedly provides the details.

Naturally, anyone who gets scared into opening the archive will not find any details. Rather, they will have inadvertently opened the door to allow LockBit 2.0 ransomware to be installed on their machine.

Worse, if that machine happens to be connected to your corporate network, the malware will spread laterally from there while infecting and locking files on as many devices as it can manage.

It’s a clever bit of social engineering.  Nobody wants to run afoul of copyrights, so the hackers are playing on common fears and the current campaign is well organized.  Not only are the emails slickly put together, but the hackers are using one of the most prolific ransomware strains out there.

You’re probably not actually displaying copyrighted materials on your website. Even if you were, the content in question would be mentioned prominently in the body of whatever email you got from the owner of the copyright.

Be sure your staff is aware of the current campaign.  Once someone opens the archive, it’s too late and your company will probably be facing some downtime, not to mention the loss of trust you’ll suffer.  It’s just not worth the risk.  Stay safe out there.