The cybercriminals which are after financial gain have stepped up their game – the Jigsaw malware is now providing the service to the victims to communicate with the cybercriminals which operate the Jigsaw malware.
The cybercriminals have setup this function in order to instruct victims on how to pay the ransom. This function allows the cybercriminals to increase their success rate as they will be able to negotiate with the victims on which amount of money needs to be payed.
Another interesting fact is that it seems that these cybercriminals are starting to have rules on which amount of money needs to be transferred. The guys from Trend-Micro initiated an chat with an Jigsaw hacker and they noticed that they could lower the ransom amount to 125 USD – while previously the hackers were asking 150 USD.
The cybercriminals are using the free onWebChat plugin to talk with their victims.
The SHA1 hashes below can be used to find Jigsaw samples on the web:
-
71670ac6e52967b547d311df8cfb0172cbcd23c7
-
ca84c5ec27f84348be84e971c85fe52f678ca8da
The chat link which was used by the Jigsaw hackers:
- hxxp://374579.eu5.org/chat.html