A new form of ransomware infecting users in Australia has been discovered by Symantec, with the "Los Pollos Hermanos" malware encrypting documents, images, videos, and other files on compromised PCs.
Trojan.Cryptolocker.S demands a payment of almost $800 to decrypt the files, with the malware authors drawing material from Breaking Bad protagonist Walter White. As with other ransomware attacks, social engineering appears to be responsible for infecting users, by way of a malicious zip file that appears to be from a delivery courier.
"Based on our initial analysis, the threat appears to be using components or similar techniques to an open-source penetration-testing project, which uses Microsoft PowerShell modules," Symantec noted in a blog post. "This allows the attackers to run their own PowerShell script on the compromised computer to operate the crypto ransomware."
Ransomware attacks remain a popular tool for cybercriminals, as business workers tend to pay ransoms quickly, preferring to get back to daily work operations rather than take the time to try to restore systems. Cybersecurity experts warn that there must be more focus on training employees to spot and avoid social engineering attempts by cybercriminals.