The fake PayPal page promises to return 3-5% from purchases made through the payment system. According to BleepingComputer, it takes about seven minutes for the ransomware to encrypt the files on the victim host. However, this may differ from one system to another.
Nemty ransomware has been present on cybercriminal forums for some time but it emerged on the radar of the infosec community towards the end of August 2019. BleepingComputer tests showed that the ransom demand was 0.09981 BTC, which is about USD 1,000, and that the payment portal is hosted in the Tor network for anonymity.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now