Spear Phishing Pacman cryptolocker campaign: Targets chiropractors environments

The CSIS Denmark security company has provided information about a new malware campaign which is targeting Chiropractors. The CSIS company discovered the Pacman malware when they analyzed a spear-phishing email which was sent to a Chiropractor.┬áThe Spear-phishing email claims that it has a message about a “patient” and that the chiropractor has to read the message via DropBox.

The CSIS picture of the spear phishing  PACMAN campaign
The CSIS picture of the spear phishing PACMAN campaign

The forged spear-phishing email contains a malformed link which claims to redirect the user to a Dropbox image file.

PACMAN SPEAR PHISHING
PACMAN SPEAR PHISHING

The CSIS report states that once the payload has been downloaded and executed, that the victim will get an “Ransomware” screen. The Ransomware screen demands the user to pay a specific amount of money to get the files back. If the victim declines this demand, then the ransomware will delete all the locked files on the infected computer. The CSIS report explains that the Pacman Phishing campaign malware holds ransomware capabilities and keylogging capabilities.

Pacman Ransomware screen [Picture by CSIS]
Pacman Ransomware screen [Picture by CSIS]

The text which is showed with the Ransomware screen

Your files have been encrypted! And your computer locked!

Countdown 23:59:58 to descruction