High
An email campaign was identified distributing the GandCrab ransomware worldwide. The email attempts to deceive a potential victim into believing that it is a legitimate message from the Center for Disease Control, stating that there is a flu outbreak. The subject line for the emails was “Flu pandemic warning.” The infection process begins once a victim opens the attachment, a Microsoft Word document titled “Flu pandemic warning.doc”. It is important to note that the malware requires the victim to enable macros in order to be installed successfully. As is customary with other ransomware, it aims to lock a victim’s files and demand that a ransom be paid. At this time, there is no decryption tool available to unlock a victim’s files.
File encryption
Email Subject
Flu pandemic warning[.]doc
From Email
MD5
SHA-256
SHA1
URL