Beware: Exorcist 2.0 hackers push malware through fake software cracks

September 30, 2020

According to security researcher Nao_Sec, crooks behind Exorcist 2.0 ransomware are using malicious advertising to redirect users to fake software cracking sites to lead the malware installation.

What they noticed, users are redirected to this crack site through a legitimate one in a PopCash mal-advertising.

The crack site pretends to offer the program that breaks copyright protection on commercial software so that it can be used for free.

As an instance, you could be offered a Window 10 Activator 2020 that would allow you to active Windows 10 for free. The downloaded archive file contains a zip file whose password contains in another file of .txt type.

The archive file is supposed to download the malware without being detected by Google Safe Browsing, Microsoft SmartScreen or installed security software. Upon opening this setup, you would find their files encrypted and no free Windows 10 activator gets installed.

 The ransomware then drops ransom note on each encrypted file containing folder. The ransom note contains a unique link to Tor payment where the victims are supposed to pay the ransom.

On visiting this site, users could get the free decryption of one encrypted file. They can also communicate with the crooks from this page.

More Stories

Windows 11 Update: Say Bye To These Features

June 25, 2021

Massachusetts MassNotify Android COVID App Forced By Google

June 21, 2021

What’s New With Microsoft Windows 10 Build 19043.1052

June 10, 2021

You may have missed

How to Remove AssuranceForcast Adware (Mac)

August 29, 2023

Be Vigilant Of The Messages Are Pending Due To Storage Error Email Scam

August 29, 2023

How to Remove Kmrox Ransomware And Recover .kmrox Files

August 29, 2023

How to Remove DontCryLol Ransomware And Recover Locked Files

August 29, 2023

How to Remove AssuranceCapture (Mac)

August 29, 2023