Fake COVID-19 Test Results Drop King Engine Ransomware kohls cc phone, cc dumps fullz

According to Cofense Intelligence researchers, a new version of Hentai OniChan Ransomware dubbed “King Engine” is being delivered during a Coronavirus-themed phishing campaign.
The new variant called King Engine exfiltrates data and demands a huge amount as ransom, which is significantly on top of previously analysed versions of Hentai OniChan campaigns.
In previous campaigns, cybercriminals used the Berserker variant of this ransomware, which used similar phishing emails to focus on the financial and energy sectors and did not exfiltrate data. 
However, this is a tough campaign that uses the  COVID-19 scare  to compromise the victim’s device.
The spike in coronavirus cases during October has led to more testing and makes this sort of phishing campaign even more threatening. 
This campaign uses common tactics, techniques, and procedures (TTPs) to reach end-users and deliver Hentai OniChan Ransomware that belongs to the Quimera Ransomware family. 
During this scam, attackers are sending emails that contain the recipient’s Coronavirus test result in an attachment, which is simply a lure to convince the victim to open the attachment.
As shown in the image above, the e-mail provides a password for opening the document and mentions the name of a nurse who can answer their questions. However, it is a trick to form an e-mail that appears legitimate.
Cofense Intelligence researchers stated that  Hentai OniChan  Ransomware was discovered in September and is found in an environment protected by Symantec, Proofpoint, Cisco IronPort, Microsoft ATP, and TrendMicro.
Once the target’s files are encrypted, the ransom note is provided to the victim affected which contains the way to pay the ransom, price to be paid 50 BTC (£524,725 – €584,299- $676,000), Bitcoin address, timeline, and contact email address.
As the COVID-19 pandemic is considered the most crucial global health calamity of the century, it is no surprise that malware authors are exploiting the pandemic. An outsized number of individuals have taken a test and awaiting results.
So if you are on the web, you are susceptible to such attacks. Ensure you don’t fall to these scare tactics and don’t download or open files from anonymous users.
Also Read
Infamous Maze Ransomware Operators Shuts Down Operations
Vermont Hospitals Now Latest Victim of Ransomware Attacks
kohls cc phone cc dumps fullz