Websense researchers have spotted a malicious toolkit on a newly registered site

Jun 1, 2013 07:46 GMT

With more and more rumors and announcements surfacing about the upcoming iOS 7, the topic has attracted the attention of cybercriminals. Websense researchers have spotted a new website that’s being prepared by cybercrooks to serve ransomware.

The website, called ios7news [dot] net, was registered around three weeks ago. Currently, when the site is accessed, visitors are presented with an open directory.

There’s no content on the site, but judging by the files stored on it, experts believe cybercriminals are laying the groundwork for a ransomware distribution scheme.

In one of the folders, Websense identified version 5 of the control panel for a ransomware toolkit called “Silence Locker.” It’s worth noting that variant 5 is the latest version of the toolkit.

According to the researchers, Silence Locker can generate a malicious file containing a warning from a certain law enforcement agency, based on where the victim is located.

Cybercriminals have packaged the malware by using the AutoIt tool. This makes the malware more difficult for antivirus solutions to detect.

As far as the IP address of the site is concerned, it has been associated with other phishing domains as well.