ESET Reports Major Increase of Dangerous Filecoders - Trojans Extorting
Ransom After Encrypting Data

BANGALORE / MUMBAI, India - October 1, 2013

ESET HQ Malware Research Lab is reporting an unusual spike in the
activity of Filecoder malware - trojans that encrypt user files and try
to extort a ransom from the victim in exchange for decryption software.
ESET LiveGrid® technology - the company's cloud-based malware
collection system - has shown the weekly number of Win32/Filecoder
detections rising by over 200% since July 2013, compared with the
average numbers for January - June 2013. A significant share of
detections (44%) is from Russia, but a significant share is also
reported in southern Europe (Italy, Spain), Central and Eastern Europe
(Germany, Czech Republic, Poland, Romania and Ukraine), and the United
States.

To infect the computer, cybercriminals are using various infiltration
methods: drive-by downloads from malware-laden websites, e-mail
attachments, installation through another Trojan or Backdoor, or even
manual installation by the attacker.

Robert Lipovsky, Malware Researcher at ESET, said, "The Win32/Filecoder
malware family is more dangerous than other types of so-called
ransomware as they usually encrypt pictures, documents, music and
archives. A wide range of techniques and levels of sophistication has
been seen in different variants over time. It can be very expensive.
Malware samples in this malware category usually request sums around
100 - 200€, however some have been seen extorting up to 3000€. The high
amount is consistent with the fact that the attackers usually target
businesses that can usually afford to pay higher ransoms than
individuals."

One recent variant puts the victims under pressure by displaying a
countdown timer indicating that the encryption key will be permanently
deleted, making the recovery of the encrypted files nearly impossible.
ESET advises Internet surfers to stay protected with regularly updated
antivirus software (ESET products detect these dangerous files).
However, it is also a good idea to password-protect the anti-malware
software's settings to prevent them being altered by an attacker, and
to back up regularly.

# # #

About ESET

Founded in 1992, ESET is a global provider of security solutions for
businesses and consumers. ESET's flagship products ESET NOD32
Antivirus, ESET Smart Security and ESET Cyber Security for Mac are
trusted by millions of global users. ESET NOD32 Antivirus holds the
world record for the number of Virus Bulletin "VB100" Awards, and has
never missed a single "In-the-Wild" worm or virus since the inception
of testing in 1998.

The Company has global headquarters in Bratislava (Slovakia), with
regional distribution headquarters in San Diego (U.S.), Buenos Aires
(Argentina), and Singapore. ESET has malware research centers in
Bratislava, San Diego, Buenos Aires, Prague (Czech Republic), Krakow
(Poland), Montreal (Canada), Moscow (Russia), and an extensive partner
network in 180 countries.

In India, ESET products are exclusively supplied and supported by "ESS
Distribution Pvt Ltd". The sales of ESET products are executed through
the Channel Partners across India. Website: www.esetindia.com/

About ESET LiveGrid® technology

Built on the ThreatSense.NET advanced early warning system, ESET
LiveGrid® is designed to provide additional levels of security to your
computer. It constantly monitors your system's running programs and
processes against the latest intelligence collected from millions of
ESET users worldwide. Additionally, your system scans are processed
faster and more precisely as the ESET LiveGrid® database grows over
time.

ESET's cloud-based LiveGrid® technology comprises several parts, which
can be roughly divided into three types of data that are sent from
participating clients' computers to our Security Research Lab:
detection statistics (also known as ThreatSense.Net), malicious and
suspicious files, and various metadata about files. All of this is
vital for making detection more effective. The information flows the
other way (from the cloud to the client) as well. The benefits of
cloud-assisted scanning include a faster response time (not having to
wait for a full signature update), better scanning performance
(optimization) and more accurate detection with fewer false positives.