Threats & Security Ransomware
In the light of the latest Ransomware viruses, we thought it would be helpful to make the public aware of the worst ones out there, after all knowledge is power!
Taken From Trend Micro, there are a couple of nasty Ransomwares doing the rounds at the moment. Be sure to scan all Files/Documents & Attachments that you receive, even its from a trusted source.
One of the more interesting developments is a unique payment scheme pioneered by the creators of the new malware Popcorn Time (detected by Trend Micro as RANSOM_POPCORNTYM.A) This has no relation to the multi-platform media service of the same name. Aside from accepting payments in Bitcoin, the creators also provided an alternative payment option: pass on a malicious URL provided by the operators and try to infect others with the ransomware. If two of the ‘referred’ victims pay up, a decryption tool is given for free.
Popcorn Time targets files found in My Documents, My Pictures, My Music, and the desktop. When unpacked, it pretends to be installing something and keeps the victim occupied as the files are encrypted using AES-256 encryption. The files are labelled with a .filock extension. The ransomware proceeds with outlining the payment plans for the victims. As justification for their criminal activity, the ransomware authors claim that the money they collect will be given to Syrians in need. It’s not a unique statement; previous ransomware operators have also made similar altruistic claims.
The widespread and ever evolving Cerber ransomware has upped its game. It is now targeting enterprises with a new capability to encrypt database files. Holding hostage essential database files is believed to be an attempt to maximise earnings for the miscreants behind this latest iteration, said Mary Yanbao and Francis Antazo, threat response engineers at Trend Micro. There are currently no guaranteed fixes available for Cerber at the time of writing this post. Wolverhampton IT Services recommend you back up all of your data securely! this will help to minimise the impact of any Threats & Security Ransomware.
Wolverhampton IT Services will update this post regularly to help our customers be more aware of the latest threats and nastiest infections!
February 23rd 2017
New Telephone Scam please Click Here to read the article from Metro West Daily News.
March 27th 2017
Latest detections and listed threats from McAfee Click Here