Everything you need to know about HardBit 2.0 and insurance fraud
Cybercriminals have a new twist on ransomware that takes a strange turn. They infect victims’ devices with HardBit 2.0 malware that encrypts critical files. To get access back to those files, you must pay a fee. Here’s the twist. They try getting information from you that would make your insurance company pay the ransom.
Read on for details on this tricky scheme and ways to stay protected.
What is HardBit 2.0?
HardBit 2.0 is ransomware designed to infiltrate your computer or smartphone and encrypt any valuable data it finds. Then, you’re given a choice: pay a hefty ransom or lose access to your files.
This new scheme takes an unexpected turn. The crooks use cybercrime insurance as a means to an end. Sometimes, they dare to ask you for policy information so the ransom may be adjusted to fit your insurance plan.
Once your system is infected with the HardBit malware, it copies itself to the Startup folder and drops a plain text ransom note and an HTML application into your desktop.
According to Techradar, the note reads, “To avoid all this and get the money on the insurance, be sure to inform us anonymously about the availability and terms of the insurance coverage, it benefits both you and us, but it does not benefit the insurance company.”
Terrifying? Absolutely, and it’s totally real.
You’re directed to the attacker’s TOX messenger account and asked to pay up, or all your important files are lost forever. If 48 hours pass without a response, the thieves threaten that the ransom demand will be doubled.
HardBit was first released in October 2022. Since then, it’s been used to target businesses and ordinary people, often through extortion, dishonesty and other diabolical tactics. The threat actors behind the endeavor threaten to lock you out of your files if the ransom isn’t met.
The following points of contact have been confirmed to be associated with the scheme:
- alexgod5566@xyzmailpro[.]com.
- filetest@decoymail[.]net.
- filetest@onionmail[.]org.
- godgood55@tutanota[.]com.
These threat…