CryptoBit targets Windows OS and is distributed via the Rig exploit kit. Once a target system is infected, CryptoBit places a fake user-agent and fake referrer line in the HTTP traffic in order to masquerade as legitimate web traffic. After establishing contact with its C2 server, it encrypts files on the victim’s machine and then blocks the entire screen with an immovable ransom note. This note can be removed, however, after rebooting the system.
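The spoofed headers described above can still stand out against a client's own history. The following is an added example, not part of the original write-up. The page gives no concrete header values, so the log layout, the host names and the two heuristics (User-Agent drift from the client's baseline, and a Referer naming a host the client never requested) are assumptions, not CryptoBit indicators.

```python
from collections import Counter, defaultdict
from urllib.parse import urlsplit

# Constructed proxy-log records (not real CryptoBit traffic):
# (epoch seconds, client, destination host, User-Agent, Referer)
LOG = [
    (100, "ws-17", "intranet.example", "Mozilla/5.0 (Windows NT 10.0) Firefox/115.0", ""),
    (110, "ws-17", "news.example", "Mozilla/5.0 (Windows NT 10.0) Firefox/115.0", "http://intranet.example/home"),
    (120, "ws-17", "cdn.news.example", "Mozilla/5.0 (Windows NT 10.0) Firefox/115.0", "http://news.example/"),
    (300, "ws-17", "c2.invalid", "Mozilla/4.0 (compatible; MSIE 8.0)", "http://search.example/results"),
    (310, "ws-22", "news.example", "Mozilla/5.0 (Windows NT 10.0) Chrome/120.0", ""),
    (320, "ws-22", "shop.example", "Mozilla/5.0 (Windows NT 10.0) Chrome/120.0", "http://news.example/ads"),
]

def suspicious_requests(log):
    """Return (time, client, dest, reasons) for requests that trip both checks."""
    log = sorted(log)  # process in time order
    # Baseline (assumed heuristic): the User-Agent each client sends most often.
    ua_counts = defaultdict(Counter)
    for _, client, _, ua, _ in log:
        ua_counts[client][ua] += 1
    baseline = {c: counts.most_common(1)[0][0] for c, counts in ua_counts.items()}

    visited = defaultdict(set)  # client -> hosts it has requested so far
    hits = []
    for ts, client, dest, ua, referer in log:
        reasons = []
        if ua != baseline[client]:
            reasons.append("user-agent differs from client baseline")
        ref_host = urlsplit(referer).hostname if referer else None
        # A genuine Referer normally names a page the client fetched earlier.
        if ref_host and ref_host not in visited[client]:
            reasons.append("referer host never requested by this client")
        if len(reasons) == 2:  # require both signals to limit false positives
            hits.append((ts, client, dest, reasons))
        visited[client].add(dest)
    return hits

if __name__ == "__main__":
    for ts, client, dest, reasons in suspicious_requests(LOG):
        print(ts, client, dest, "; ".join(reasons))
```

The majority-vote baseline fails on a client whose traffic is mostly malicious, so in practice the baseline should come from a known-clean period.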

