WEB-THREAT_CRYPTLOCK
July 08, 2015
PLATFORM: Windows
OVERALL RISK RATING:
DAMAGE POTENTIAL:
REPORTED INFECTION:
Threat Type: Web Threat
Destructiveness: No
Encrypted:
In the wild: Yes
OVERVIEW
This detection is for web threats related to TorrentLocker. These web threats, usually URLs, are embedded in email messages and redirect recipients to spoofed domains. The spoofed domains copy legitimate sites, such as those of well-known postal and courier services: Correo of Spain, Royal Mail of the UK, Czech Posta, PTT of Turkey, SDA of Italy, Le Poste of France, Poczta of Poland, DHL of Germany, and AuPost of Australia. The spoofed domains also include government or federal police sites in Australia, such as those of the NSW Police Force and the Australian Federal Police.