Kotov, however, did find an implementation flaw in CryptoDefense that could allow for the decryption key to be found on the victim’s computer. Kotov, however, did find an implementation flaw in CryptoDefense It also forces the victim to visit the attacker’s website in order to make ransom payments CryptoLocker provides its own GUI for this purpose. If the ransom demand is ignored, the victim is threatened with permanent destruction of his files.īromium’s Vadim Kotov wrote on the company’s website that while CryptoDefense is a competitor to CryptoLocker, there are similarities between the two attacks, including payment methods (Bitcoin), public-key encryption used and that some of the same file extensions are targeted by both.ĬryptoDefense, like CryptoLocker, will go after Office, photos and movie files, but it also targets source code files and SSL certificates. Eventually, the victim is presented with a message that files on the hard drive have been encrypted and they must pay a ransom by a deadline in order to have them decrypted, or the price goes up. Victims are being popped by a Java exploit, which then downloads and executes the malware in stages.
Unlike CryptoLocker which spread primarily via phishing and spam emails, Bromium experts say CryptoDefense is compromising computers via drive-by downloads. The latest is a sample spotted by researchers at Bromium Labs that they’ve called CryptoDefense. Naturally seeing the opportunity for financial gain, competitor pieces of malware are popping up and building on what CryptoLocker started. Reportedly, criminal gangs utilizing this dangerous type of ransomware were earning hundreds of thousands of dollars per month. CryptoLocker certainly changed the ransomware game last year when it threatened its victims with the loss of important files if a timely ransom payment was not made.
0 kommentar(er)
