Intel and Kaspersky researchers developed a free decryption tool for victims of the Wildfire variant of ransomware.
Threat actors behind the ransomware used spam emails containing macros to infect users before demanding a ransom of 1.5 bitcoin, according to a 23 August Intel Security blog post.
Wildfire is classified as a “local threat” as it targeted users in Belgium and the Netherlands with malicious emails disguised as missed package delivery notifications containing instructions on how to schedule a new delivery by filling out a “special form,” which actually contains the malware.
Kaspersky researchers observed more than 5,700 infections and said 236 users paid a total of almost $US78,869.00 in order to retrieve their files although researchers noted some users may have negotiated their payments down, according to an Aug. 23 Kaspersky blogpost.
This article originally appeared at scmagazineuk.com