
Secplicity - Security Simplified

Powered by WatchGuard Technologies

Not All Ransomware is Created Equal – A Ransomware Roundup

November 17, 2016 By The Editor


Ransomware has been running rampant in news reports today. Let’s take a look at a few key stories:

New ransomware discovered in the wild

A new ransomware called “CryptoLuck” was recently exposed by “Kafeine,” a Proofpoint security researcher. The malware is being distributed via the RIG-E exploit kit, which is an unconventional way of spreading new ransomware infections. This distribution method may indicate that the ransomware has a greater chance of affecting a larger number of victims. In addition to demanding about $1,500 worth of Bitcoin to be paid within 72 hours, it abuses the valid GoogleUpdate.exe executable and leverages DLL hijacking to corrupt computers. For the full story, visit Security Week.

Keys to decrypting ransomware

Unlike the victims of CryptoLuck, those affected by Crysis, a form of ransomware that encrypts files and usernames, are now able to download a decryptor. Security blog BleepingComputer released master decryption keys for Crysis victims via Kaspersky Lab’s website. Once the decryptor is running, users can follow the directions to decrypt their infected files. With the decryptor released, targets can reclaim control of their data without having to pay the ransom! Though the reason the keys were released is unknown, experts think it may be due to increased pressure from law enforcement on ransomware and the developers behind it. Visit Healthcare IT News for the full story.

Ransomware used to target bad guys

It’s generally agreed that ransomware is a nasty tool used to extort the innocent. But what would happen if ransomware were used for good? “Ransoc,” a newly discovered strain of ransomware, is working to target and impose ransoms on pedophiles. This particular ransomware is spread by malvertising, mainly through traffic between Plugrush and Traffic Shop, which interact with one another on adult websites. The ransomware looks to infect Internet Explorer on Windows and Safari on OS X, and if the malware believes it has found suspected illegal files on a user’s device, the user becomes infected. Once a user is infected, a screen locker is displayed on the victim’s social media and may exhibit a customized “Penalty Notice.” Check out the full story on SC Media.

To read more about ransomware in general from Marc Laliberte, WatchGuard Information Security Threat Analyst, check out “Decrypting Ransomware.”


Filed Under: Editorial Articles, Featured Tagged With: cyber security, Hacking, Infosec news, Malware, Security breach
