Ransomware and Recent Variants

Discussion in 'malware problems & news' started by ronjor, Mar 31, 2016.

  1. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,722
    Location:
    Texas
    https://www.us-cert.gov/ncas/alerts/TA16-091A
     
  2. stapp

    stapp Global Moderator

    Joined:
    Jan 12, 2006
    Posts:
    7,267
    Location:
    England
  3. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,054
    US and Canada issue joint alert after rash of cyber attacks against hospitals
    http://www.rawstory.com/2016/03/us-...fter-rash-of-cyber-attacks-against-hospitals/
     
  4. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    2,969
    Location:
    U.S.A.
    Of course these attacks are going to get much worse. The hospitals have always paid the ransom.

    So Mr. Hospital Administrator, you better start allocating in the hundreds of thousands of dollars for like payments, since that's where these ransom requests are headed.
     
    Last edited: Apr 3, 2016
  5. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,054
  6. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,039
    Ironically, the IT guys know what to do to mitigate the damage, but are getting fought tooth and nail by the doctors who don't want to be inconvenienced. As long as the doctors persist, hospitals are going to be a good feeding ground.
     
  7. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    2,969
    Location:
    U.S.A.
  8. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    2,969
    Location:
    U.S.A.
  9. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,054
  10. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,054
  11. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,054
    Meet the Cryptoworm, the Future of Ransomware
    https://threatpost.com/meet-the-cryptoworm-the-future-of-ransomware
     
  12. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,039
    And a big thanks to the likes of Sandboxie and ShadowDefender
     
  13. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,054
    Jigsaw Ransomware Threatens to Delete Your Files, Free Decrypter Available
    http://news.softpedia.com/news/jigs...r-files-free-decrypter-available-502824.shtml

     
  14. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,054
    Yes, I agree. Unfortunately, not many people and companies use such defenses. In most cases, a backup inaccessible to regular users is the only way to restore data. Or to pay up.
     
  15. Peter2150

    Peter2150 Global Moderator

    Joined:
    Sep 20, 2003
    Posts:
    17,039
    True, and you either use and learn the proper defenses, or you pay. Hmm, sounds like life itself:)
     
  16. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,722
    Location:
    Texas
     
  17. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,722
    Location:
    Texas
  18. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    2,969
    Location:
    U.S.A.
    Interesting posting over at bleepingcomputer.com on a ransomware using legit encryption software, AxCrypt, to encrypt all files on a server. Unfortunately, AxCrypt is designed to be unbreakable and without a key is impossible to break:

    The basic rule is: If you lose or forget your passphrase or key-file, your documents are lost. There is no back-door into AxCrypt.

    The only way to recover a lost passphrase is to try all likely combinations. If you have used a key-file, and lost that, there is nothing to do at all - the number of combinations is simply too large. That is why you must print a paper backup copy if you use key-files.


    Ref.: http://www.bleepingcomputer.com/forums/t/609003/axcrypt-encrpyt-axx-ransomware/
     
  19. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,722
    Location:
    Texas
  20. itman

    itman Registered Member

    Joined:
    Jun 22, 2010
    Posts:
    2,969
    Location:
    U.S.A.
    Web shell based. These guys are getting more creative with each passing day.
     
  21. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,054
  22. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,054
    New CryptXXX Ransomware Locks Your Files, Steals Bitcoin and Local Passwords
    http://news.softpedia.com/news/new-...eals-bitcoin-and-local-passwords-503149.shtml
     
  23. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,722
    Location:
    Texas
     
  24. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,054
    Latest Teslacrypt targets new file extensions, invests heavily in evasion
    https://threatpost.com/latest-teslacrypt-targets-new-file-extensions-invests-heavily-in-evasion
     
  25. Minimalist

    Minimalist Registered Member

    Joined:
    Jan 6, 2014
    Posts:
    5,054