WEB-THREAT_CRYPTLOCK


 PLATFORM:

Windows

 OVERALL RISK RATING:
 DAMAGE POTENTIAL:
 REPORTED INFECTION:

  • Threat Type: Web Threat

  • Destructiveness: No

  • Encrypted:

  • In the wild: Yes

  OVERVIEW

This detection is for web threats related to TorrentLocker. These web threats, usually URLs, are embedded in email and used to redirect to spoofed domains. These spoofed domains copy legitimate sites like well-known postal services and courier services such as Correo of Spain, Royal Mail of UK, Czech Posta, PTT of Turkey, SDA of Italy, Le Poste of France, Poczta of Poland, DHL of Germany, and AuPost of Australia. The spoofed domains also include government or federal police sites in Australia such as NSW Police Force and Australian Federal Police.