Tag Archive for: Ransomware

FBI: Ransomware threat at all-time high; how to protect company jewels

The scourge of ransomware hit new highs in 2015, and 2016 is turning out to be no bargain, particularly when it comes to attacks against businesses, where the payoffs are higher, the FBI said this week.

Ransomware attacks are not only proliferating, they’re becoming more sophisticated, the FBI stated.


“Several years ago, ransomware was normally delivered through spam e-mails, but because e-mail systems got better at filtering out spam, cyber criminals turned to spear phishing e-mails targeting specific individuals,” the FBI stated. And in newly identified instances of ransomware, some cyber criminals aren’t using e-mails at all. “These criminals have evolved over time and now bypass the need for an individual to click on a link. They do this by seeding legitimate websites with malicious code, taking advantage of unpatched software on end-user computers,” said FBI Cyber Division Assistant Director James Trainor in a statement.


Network World Security

Major Campaigns Spreading CryptXXX Ransomware Via Exploit Kits – Threatpost


Researchers at Palo Alto Networks on Thursday said attackers behind a campaign distributing Locky via the Nuclear Exploit Kit had two weeks ago switched to distributing CryptXXX using the feature-laden Angler Exploit Kit. Researcher Brad Duncan said
Toy maker Maisto's website pushed growing CryptXXX ransomware threat – PCWorld
CryptXXX ransomware being served by toy company site – SC Magazine
Toymaker's website pushes ransomware that holds visitors' files hostage – Ars Technica

Toymaker’s website pushes ransomware that holds visitors’ files hostage


The website belonging to Maisto International, a popular maker of remote-controlled toy vehicles, has been caught pushing ransomware that holds visitors’ files hostage until they pay a hefty fee.

Malicious files provided by the Angler exploit kit were hosted directly on the homepage of Maisto[.]com, according to antivirus provider Malwarebytes. The attack code exploits vulnerabilities in older versions of applications such as Adobe Flash, Oracle Java, Silverlight, and Internet Explorer. People who visit Maisto[.]com with machines that haven’t received the latest updates are surreptitiously infected with the CryptXXX ransomware. Fortunately for victims in this case, researchers from Kaspersky Lab recently uncovered a weakness in the app that allows users to recover their files without paying the extortion demand. People infected with ransomware in other drive-by attacks haven’t been so lucky.

After discovering the infection of the Maisto homepage, Malwarebytes Senior Security Researcher Jerome Segura used this tool from website security firm Sucuri. It detected that Maisto was running an out-of-date version of the Joomla content management system, which is presumed to be the way attackers were able to load the malicious payloads on the homepage.


Technology Lab – Ars Technica

Infection Minus Interaction? New Android Ransomware Delivers – Security Intelligence (blog)

Once executed, the Android ransomware prevented the device from displaying an application permissions dialog box and then installed malware that labeled itself “Cyber.Police.” The infection then locks the device, prevents any other apps from launching …
