A single email can expose us to many different types of attack. In this case it is ransomware, delivered through a link to Google Drive. If the attacker manages to run it on our computer, in just 15 minutes they can encrypt the system and achieve their goal, without us being able to do anything. This is a clear phishing attack that tries to sneak in the MirCop ransomware.
MirCop, the ransomware that encrypts a computer in minutes
There is no doubt that ransomware is one of the most important threats we face on the web. It is a type of malware that encrypts files, or even the whole system, and then demands a financial ransom from victims who want normal access to their computer again. Even paying that ransom does not always get the files back.
One of the techniques attackers use to deliver this type of malware is email. In this case they send an email with a zombie theme, taking advantage of the time of year. Everything looks harmless, but the body of the message contains a link to Google Drive.
Unsuspecting users who click on it will download a web page file. Once downloaded and opened, that file automatically downloads a RAR file containing the malware downloader. This .EXE uses VBS to load and run the MirCop payload on the system.
Before long, and without the victim being able to do anything, the MirCop ransomware begins to act. It starts taking screenshots, locking files, changing the desktop background, and showing the victim instructions on how to proceed to regain control. This whole process lasts just 15 minutes, which makes it quite fast malware.
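The last stage of this chain, an executable unpacked from a download that starts a VBS script host, can be hunted for in process-creation logs. The following detection sketch is an added example, not code from the original article; the event field names, hosts, paths and file names are constructed, and the 15-minute correlation window is an assumption borrowed from the timeline above.

```python
from datetime import datetime, timedelta
from ntpath import basename  # parses Windows paths on any OS

SCRIPT_HOSTS = {"wscript.exe", "cscript.exe"}
USER_WRITABLE = ("\\downloads\\", "\\appdata\\local\\temp\\", "\\desktop\\")
WINDOW = timedelta(minutes=15)  # assumed correlation window

def in_user_path(text):
    return any(part in text.lower() for part in USER_WRITABLE)

def find_chains(events):
    """Alert on script hosts spawned by an EXE running from a user-writable path.
    Severity is 'high' if that host opened a downloaded HTML file within WINDOW."""
    alerts, html_opened = [], {}  # html_opened: host -> time of last HTML open
    for e in sorted(events, key=lambda x: x["ts"]):
        cmd = e["command_line"].lower()
        if ".htm" in cmd and in_user_path(cmd):
            html_opened[e["host"]] = e["ts"]
        parent = e["parent_image"]
        if (basename(e["image"]).lower() in SCRIPT_HOSTS
                and parent.lower().endswith(".exe") and in_user_path(parent)):
            seen = html_opened.get(e["host"])
            recent = seen is not None and e["ts"] - seen <= WINDOW
            alerts.append({"host": e["host"], "parent": basename(parent),
                           "severity": "high" if recent else "medium"})
    return alerts

def event(ts, host, parent, image, cmd):
    return {"ts": datetime.fromisoformat(ts), "host": host,
            "parent_image": parent, "image": image, "command_line": cmd}

WSCRIPT = r"C:\Windows\System32\wscript.exe"
# Constructed sample events; every host, path and file name is made up.
SAMPLE_EVENTS = [
    event("2024-01-01T10:00:00", "pc-01", r"C:\Windows\explorer.exe",
          r"C:\Program Files\Browser\browser.exe",
          r'browser.exe "C:\Users\ana\Downloads\document.html"'),
    event("2024-01-01T10:03:00", "pc-01", r"C:\Users\ana\Downloads\doc\setup.exe",
          WSCRIPT, r'wscript.exe "C:\Users\ana\AppData\Local\Temp\run.vbs"'),
    event("2024-01-01T11:00:00", "pc-02", r"C:\Program Files\Vendor\updater.exe",
          WSCRIPT, r'wscript.exe "C:\Program Files\Vendor\check.vbs"'),
    event("2024-01-01T12:00:00", "pc-03", r"C:\Users\bob\Desktop\tool.exe",
          WSCRIPT, r'wscript.exe "C:\Users\bob\Desktop\task.vbs"'),
]
```

On the sample data, pc-01 is rated high because the HTML file was opened three minutes before the script host started, pc-03 is rated medium, and the installed updater on pc-02 raises no alert.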
It does not try to steal files undetected
Some threats of this type collect files little by little, silently, until they can extort money from the victim. MirCop ransomware acts differently: the whole process is very fast, and its aim is to have the files encrypted in a matter of minutes.
This shows once again the importance of taking care of our security when browsing the Internet, and especially when using services such as email. Common sense plays a fundamental role here: the difference between opening a link we receive from a strange account and downloading a file, or directly deleting that email before opening it, can be the great displeasure of seeing our files encrypted and losing control of our computer.
Therefore, our advice is to avoid making mistakes at all times, and to keep the computer protected with a good antivirus that is always updated, so that it can detect malware as quickly as possible and, above all, prevent it from running on the computer and taking advantage of possible vulnerabilities.
You can read our tutorial on when a ransomware attack is most likely to happen and what we must do to always be protected.