Here’s another excellent reason not to browse adult websites at work
Fake adult websites are being used to distribute malware
Cybersecurity researchers have highlighted another reason not to browse dodgy adult websites: some of them are distributing viruses capable of completely destroying computers.
Recently, experts from Cyble discovered a couple of websites, whose domain names suggest they could feature pornographic materials. As soon as someone navigates to these sites, they are prompted to download a file named “SexyPhotos.JPG.exe”.
While for the experienced web user this would trigger every mental alarm conceivable, people who are not as well-versed might fall for the trap, particularly as Windows hides file extensions by default.
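The double-extension trick described above can be checked for mechanically. The following Python sketch is an added example, not code from Cyble or from this article: it flags file names whose real extension is executable while the part Windows still displays ends in a harmless-looking one. The extension lists and sample paths are constructed for illustration and are not exhaustive.

```python
import ntpath

# Extensions Windows runs directly (illustrative subset, an assumption of this example).
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".pif", ".vbs", ".js"}
# Extensions a user expects to be passive content (illustrative subset).
DECOY_EXTS = {".jpg", ".jpeg", ".png", ".gif", ".pdf", ".doc", ".docx", ".txt", ".mp4"}


def is_double_extension_lure(path):
    """True if the name looks like content but its real extension is executable."""
    # The Win32 API drops trailing spaces and dots, so normalise them first.
    name = ntpath.basename(path).rstrip(" .")
    stem, real_ext = ntpath.splitext(name)
    if real_ext.lower() not in EXECUTABLE_EXTS:
        return False
    # With extensions hidden, the user sees only `stem`. Padding such as
    # "invoice.pdf     .exe" pushes the real extension even further out of view.
    _, shown_ext = ntpath.splitext(stem.rstrip(" ."))
    return shown_ext.lower() in DECOY_EXTS


def scan(paths):
    """Return the subset of paths that match the lure pattern."""
    return [p for p in paths if is_double_extension_lure(p)]


# Constructed sample input, e.g. file names taken from a download or proxy log.
SAMPLE_PATHS = [
    r"C:\Users\alice\Downloads\SexyPhotos.JPG.exe",   # the lure named in the article
    r"C:\Users\alice\Downloads\invoice.pdf   .EXE",   # space-padded variant
    r"C:\Users\alice\Downloads\holiday.jpg",          # genuine image
    r"C:\Users\alice\Downloads\setup.exe",            # honest executable
    r"C:\Users\alice\Downloads\report.v2.docx",       # multiple dots, still a document
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_PATHS):
        print("suspicious:", hit)
```

The same check can be applied at a mail gateway or web proxy to block such downloads before they reach the endpoint.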
Ransomware or wipers?
When triggered, the file drops four executable files - del.exe, open.exe, windll.exe and windows.exe - as well as one batch file called avtstart.ba into the temporary folder on the target endpoint.
Each file has a unique role to play in this attack, but in general, this is all made to look like a ransomware attack: the victim’s files are renamed and blocked, and a ransom note is left behind, demanding $300 in Bitcoin or $600 if the payment doesn’t come within three days.
But the bigger problem is that this isn’t a ransomware attack to begin with, but rather a file-wiping malware attack, whose operators have no intention of returning any files to the victims.
“Even if a decryptor is provided, renaming files to their original file name is impossible as the malware is not storing them anywhere during the infection,” Cyble explained.
There is one way the effects of the wiper could be reversed, BleepingComputer has found. Apparently, the wiper doesn’t delete shadow copies, allowing users to restore their operating system to a previous state. In other words, restoring the OS from an older backup may resolve the problem.
Via BleepingComputer
Sead is a seasoned freelance journalist based in Sarajevo, Bosnia and Herzegovina. He writes about IT (cloud, IoT, 5G, VPN) and cybersecurity (ransomware, data breaches, laws and regulations). In his career, spanning more than a decade, he’s written for numerous media outlets, including Al Jazeera Balkans. He’s also held several modules on content writing for Represent Communications.