Tag Archive: ransomware

lockyRansomware, what is it? Defined as “malware for data kidnapping,” it is one of the top security issues in the digital and cloud age, wherein the hacker or attacker encrypts data and asks for ransom (usually a Bitcoin payment) for the decryption key.

Today, another ransomware threatens the online community “Locky” that can hit you if you were ‘unlucky.’ It works similarly like the modus conducted by the banking software Dridex.

How Locky works?

A victim will be sent an email with a Microsoft Word attachment disguising as an INVOICE that requires macro.

[By default, Microsoft disables it due to security reasons. So a user normally will see a warning if an attachment contains it.]

Now if you would enable the macro function, it will run and then download Locky to your PC, according to the Palo Alto Networks.

[It is the same modus operandi used by Dridex, a notorious Trojan that steals banking account details.]

There are suspicions that the distributors of Locky are connected to one of the main men of Dridex because both use the same mode of malware distribution.

If you or your organization happens to be the unlucky target, your files will be unrecoverable unless you have a regular backup or if your data has not been touched yet.

Lately, the Hollywood Presbyterian Medical’s computer system was infected by ransomware in which the hackers ask for 9,000 bitcoins (or approximately US$3.6 million).

Reports indicated that the operators behind Locky may have conducted a large attack. Palo Alto Networks revealed that it had detected 400,000 sessions that used the same downloader “Bartallex,” which is the one that deposits the infection onto a computer system. Over half of the targets were recorded in the United States and the rest included Australia and Canada.

Locky utilizes its command-and-control infrastructure for conducting a memory exchange before encrypting the files.

Kevin Beaumont from Medium said that encrypted files have the ‘.locky’ extension. He wrote guidance on how to figure out who among the people in an organization has been infected and recommended that the active directory account of the victim must be locked and its network access must be shut down. Finally, he said that you are more likely to rebuild the victim’s PC from scratch.

Check out the full story here.

computer2Today, Blue Coat Systems, Trend Micro and McAfee reported about the on-going trends for online security threats. According to sources, SMBs or small and medium sized businesses in the United Kingdom continue to neglect lingering security threats online. The rouse in ransomware, which saw an increase to 58% in quarter number two, is due to the involvement of new players like CryptoWall, CTB-Locker and many others, Malware and security threats are also evident in mobile devices or applications. The same quarter also saw a whopping 6.7 million tries to attract more people in going to risky URL’s. Blue Coat Systems most recent study says that .zip and .review websites are highly associated with suspicious resources online. For more information regarding this post, go to the resource.

Resource: CBR

online threatsAs trends change, so do hackers. Due to this fact, it’s no longer surprising to know that online threats also develop. One such threat is Adobe Flash. This program is on almost all computers and web browsers and it has recently become a favorite playground for hackers and cyber criminals. Certain security loopholes on Adobe Flash may allow hackers to download viruses or even gain remote access to your computer. The second biggest threat is Ransomware. It’s a virus, usually sent through mail that encrypts your data files and prevents you from gaining access unless you pay a ransom. Visit Kim Komando for more information about these threats.

Source: Kim Komando

 

mail2Brien Mc Elhatten of ‘The List’ talks about Ransomware, what it is and how much it will cost you. According to his conversation with a tech expert from Data Doctors, Ken Colburn, it all starts with an email. The content of the email is so deceptive that there’s a very high possibility that the recipient will undoubtedly click the link on the email. And once the link has been clicked, all files in your computer will be encrypted and scrambled by a hacker. The worst part is that the only way to get your files back is to pay a hefty ransom which can reach up to 1,500 dollars.

Source: ABC Action News

Ransomware is a rampant malware that many businesses and individuals experience due to lack of online security. It is a sad truth that law enforces cannot restrain this nature of malware. This leaves users vulnerable to the creator of the malware who forces users to pay to access their hard drives and remove the malware from their system. Encrypted files can also be decrypted. There are also tools such as CryptoLockercrimeware, FireEye/Fox-IT Decrypt CryptoLockerthat can help you recover encrypted files. If encryption recovery didn’t work, you can try the backup Microsoft Windows’ System Restore function. You can also use Shadow Explorer or Windows’ Previous Version functionality to do the same.

Source: Dark Reading

Computer-WarningAn evolution of ransomware, Cryptolocker Trojan, was not a significant leap from other criminal attempts that extorted money from PC users, but seniors security advisor for Sophos told in an interview that there is a little of hype because it is the just an incarnation of ransomware. What is a ransomware?  A malware encrypt the files of someone and later on convince the owners of those to pay money so that they can decrypt again.  To know more about the story, check out from the source.

Source: Computer World

Ransomware Taken Down

security1Earlier this month, the takedown notice of a significant malware botnet has affected the distribution of Cryptolocker, a major type of a ransomware, but a replacement is on the way, said a researcher. Security researcher of Dell SecureWork’s Counter Threat Unit, Keith Jarvis, said that they never seen a new infection or a new activity. He was talking about Gameover Zeus, a botnet that the foreign authorities and the United States took down through a major campaign and that had been a distributing channel for Cryptolocker. Read the full version of the story from the source.

Source: Computer World

Thousands of PCs in the UK could be infected with malware used to extort money from people warned Bitdefender.

The security company, found on millions of PCs around the world, said the malware scans the user’s IP address. It then sends a message saying purporting to come from the police accusing people of piracy. People are told they can pay a fine of as much as £125 to avoid prosecution.

These forms of attacks using malware such as Trojan Horses are being called ransomware by the security industry. Research has shown this form of attack is growing and could become a major problem next year.

Source: Computer Active

 

 

[ad#Google Adsense]

Hextually transmitted pathogen encrypts files

A ransomware Trojan threat is back – in an even more noxious form – two years after it last appeared.…

Source: The Register – Security