⚠️ Region Alert: UAE/Middle East
Cybercriminals are currently impersonating Interpol in a ransomware campaign targeting small businesses across various regions, including the Middle East, US, and Europe. The attack leverages social engineering by sending phishing emails that claim the recipient's organization is under investigation for criminal activity. Victims are lured into downloading password-protected archives from Proton Drive, which contain a ransomware payload disguised as video evidence.
Despite its technical simplicity, the ransomware is effective at encrypting local systems and lacks a fixed ransom demand. Instead, attackers force victims to negotiate via the Tox peer-to-peer messaging platform, allowing them to scale demands based on the victim's perceived ability to pay. This campaign underscores the vulnerability of small-to-midsize businesses (SMBs) that often lack robust cybersecurity defenses or specialized IT teams.
Top comments (0)