• Visitors can check out the Forum FAQ by clicking this link. You have to register before you can post: click the REGISTER link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below. View our Forum Privacy Policy.
  • Want to receive the latest contracting news and advice straight to your inbox? Sign up to the ContractorUK newsletter here. Every sign up will also be entered into a draw to WIN £100 Amazon vouchers!

'Alarming' rise in ransomware tracked

Collapse
X
  •  
  • Filter
  • Time
  • Show
Clear All
new posts

    'Alarming' rise in ransomware tracked

    Apologises firstly from the departure of usual waffle and 'it' related topics.

    Has anyone among us been a victim? Don't even know of anyone among my fraternity who has. But then we all use Macs....


    'Alarming' rise in ransomware tracked - BBC News


    'Alarming' rise in ransomware tracked

    Petya ransomware
    The Petya ransomware makes a computer unusable until a ransom is paid
    Cyber-thieves are adopting ransomware in "alarming" numbers, say security researchers.

    There are now more than 120 separate families of ransomware, said experts studying the malicious software.

    Other researchers have seen a 3,500% increase in the criminal use of net infrastructure that helps run ransomware campaigns.

    The rise is driven by the money thieves make with ransomware and the increase in kits that help them snare victims.

    Ransomware is malicious software that scrambles the data on a victim's PC and then asks for payment before restoring the data to its original state. The costs of unlocking data vary, with individuals typically paying a few hundred pounds and businesses a few thousand.

    Rapid growth

    "Ransomware and crypto malware are rising at an alarming rate and show no signs of stopping," said Raj Samani, European technology head for Intel Security.

    Ransomware samples seen by his company had risen by more than a quarter in the first three months of 2016, he added.

    Mr Samani blamed the rise on the appearance of freely available source code for ransomware and the debut of online services that let amateurs cash in.

    Ransomware was easy to use, low risk and offered a high reward, said Bart Parys, a security researcher who helps to maintain a list of the growing numbers of types of this kind of malware.

    "The return on investment is very high," he said.

    Bitcoin signAP
    Many cyber-thieves using ransomware demand to be paid in bitcoins
    Mr Parys and his colleagues have now logged 124 separate variants of ransomware. Some virulent strains, such as Locky and Cryptolocker, were controlled by individual gangs, he said, but others were being used by people buying the service from an underground market.

    "It's safe to say that certain groups are behind several ransomware programs, but not all," he said. "Especially now with Eda and HiddenTear copy and paste ransomware, there are many new, and often unexperienced, cybercriminals."

    A separate indicator of the growth of ransomware came from the amount of net infrastructure that gangs behind the malware had been seen using.

    The numbers of web domains used to host the information and payment systems had grown 35-fold, said Infoblox in its annual report which monitors these chunks of the net's infrastructure.

    "They use it and customise it for each attack, " said Rod Rasmussen, vice-president of security at Infoblox.

    "They will have their own command and control infrastructure and they might use it to generate domains for a campaign," he told the BBC. "Then they'll have some kind of payment area that victims can go to."

    "The different parts are tied to particular parts of the chain," he said. "Infection, exploitation and ransom."

    Hidden files

    What is ransomware?
    The spread of ransomware was also being aided by tricks cyber-thieves used to avoid being detected by security software, said Tomer Weingarten, founder of security company SentinelOne.

    "Traditional anti-virus software is not effective in dealing with these types of attacks," he said.

    The gangs behind the most prevalent ransomware campaigns had got very good at hiding their malicious code, said Mr Weingarten.

    "Where we see the innovation is in the infection vector," he said.

    SentinelOne had seen gangs using both well-known techniques and novel technical tricks to catch out victims.

    A lot of ransomware reached victims via spear-phishing campaigns or booby-trapped adverts, he said, but other gangs used specialised "crypters" and "packers" that made files look benign.

    Others relied on inserting malware into working memory so it never reached the parts of a computer on which most security software keeps an eye.

    "It's been pretty insane with ransomware recently," he said.
    "Never argue with stupid people, they will drag you down to their level and beat you with experience". Mark Twain

    #2
    I once got an email from HMR&C demanding money with menaces, does that count?

    Comment


      #3
      Originally posted by scooterscot View Post
      Has anyone among us been a victim? Don't even know of anyone among my fraternity who has. But then we all use Macs....
      Mac ransomware caught before large number of computers infected | Reuters

      Not safe either by using macs and there have been others in the public domain too since this one.

      I've not been a victim but I have seen a couple of instances of my clients being caught out.

      Comment


        #4
        Any euro referendum related 'ware out yet???

        Comment


          #5
          Originally posted by AtW View Post
          Any euro referendum related 'ware out yet???
          Yes, it is called 'Fresh Underware'. Will be donated free to Brexiters shortly.

          Comment

          Working...
          X