For many, the concept of crypto-currencies is just an uncharted territory and they neglect its existence. Others try out mining or purchase bitcoins as an exciting investment. Bitcoin, Monero and a bunch of other recognized digital currencies are being gradually integrated into mundane activities like paying for groceries. However, hackers are always standing in a way of risk-free innovations with their deceptive tactics.
Online surfers might have stumbled upon a new cryptocurrency called SpriteCoin. According to the official description, the novel currency is written entirely in JavaScripts (with C for the mining module). Its creators promise that exploring the possibilities with SpriteCoin will definitely lead to positive results. These insuring statements turned out to be a malicious bluff.
Fake SpriteCoin cryptocurrency infects people with ransomware, appending .encrypted extension
SpriteCoin does not have a legitimate version: hackers designed it for the purpose of this ransomware attack. The fake currency also features an official website, but is also promoted in various forums. People that decide to explore this new currency will have to create a password for their wallet and download blockchain. However, while users assume that they are making preparations for the usage of SpriteCoin, the malware will secretly start the file-encryption process. The ransomware targets the following file types:
“txt .py .doc .rtf .cpp .cc .go .tcl .html .ppt .docx .xls .xlsx .pptx .key .pem .psd .mkv .mp4 .ogv .zip .jpg .jpeg .work .pyw .h .hpp .cgi .pl .rar .lua .img .iso .webm .jar .java .class .one .htm .js .css .vbs .7z .eps .psf .png .apk .ps1 .gz .wallet.dat .id_rsa”.
Do not pay ransoms: you will only become infected with more malware
Once encrypting is over, victims will be introduced with ransomware demands, requiring 0.3 Monero in exchange for decryption. Currently, this number equals $95.37. Victims that have paid this sum were not rewarded with file-saving password. Instead, they received more malware.
It is cruel that victims who pay nearly $100 dollars will be additionally infected with a W32/Generic!tr. According to short analysis of this malware, researchers indicate that it will probably function as a highly intrusive spyware. It is capable of accessing web cameras and invading space in other horrendous ways.
In addition to causing a horrific crypto-malware attack, SpriteCoin will also steal credentials from Google Chrome and Mozilla Firefox browsers. The gathered data will be stored in a website, accessible only thru TOR browser (Mqapf3nflatei35.onion.link/).
We understand the challenges that surfers are forced to face everyday. Sometimes, people do not have any idea about the cyber threats they encountered, but managed to keep their operating system malware-free due to dumb luck. Also, it is devastating to hear stories of ransomware victims, losing all of their files due to one random decision.
For instance, people who attempted to give SpriteCoin a chance had no idea they would be attacked by extortionists. However, this is a very good example: stay away from things that are suspicious and unknown. To more cautious eyes, the official website of SpriteCoin would have immediately looked unreliable. If you are one of the victims of this cyber attack, please DO NOT pay the demanded ransom. Actually, this advice is applicable to almost every situation when a ransomware virus infects a computer device.
Source: fortinet.com.
