Fake PayPal Site Spreads Ransomware

A website pretending to offer an official PayPal application and 3-5% return from purchases spreads new ransomware - Nemty. The website is now flagged as dangerous by major browsers, but at first glance, it seems genuine. If the visitor falls for the trick and downloads file named "cashback.exe", all files will be encrypted in a matter of minutes and ransom note for $1,000 will be visible. Nemty ransomware was discovered by researchers in August and steadily gains notoriety. Interestingly enough, it doesn't target users from Russia, Belarus, Kazakhstan, Tajikistan and Ukraine.

Author image

About Ariadna Pawluk

Cybersecurity enthusiast, hunting all the freshest news, insights and tidbits.