Alert: Malware tricks users into downloading CryptoLocker decryption tool

Posted by Manny Veiga on Jun 17, 2014 9:40:00 AM

Reports say cybercriminals are taking advantage of the recent news coverage around CryptoLocker to launch a phishing attack that tricks victims into paying for bogus software.

Bullguard Security says it has identified a spam email campaign that offers a CryptoLocker “decryption tool,” which it claims can restore access to files that CryptoLocker has infected and encrypted.

Attackers are hoping to drum up hysteria from victims who might have heard or read about CryptoLocker recently. The Today Show aired a segment on CryptoLocker just this morning, warning users against opening unfamiliar emails and reporting that several copycats are on the way.

Read More

Topics: Malware

Cryptowall: New ransomware picking up where CryptoLocker left off

Posted by Paul Hanley on Jun 11, 2014 1:40:00 PM

A new form of ransomware is on the loose, filling the void left by CryptoLocker. Several security blogs are warning IT pros about “Cryptowall”, which leverages social engineering and security exploits to encrypt its victims’ files.

Ronnie Tokazowski at PhishMe.com wrote an analysis of Cryptowall, explaining how users around the world have lost access to thousands of files after failing to pay the ransom.

Cryptowall tricks users into downloading infected attachments or clicking infected advertisements, and then takes advantage of security gaps in Silverlight, Flash, and Java to make its way onto computers, according to an alert from SANS Internet Security Center.

Read More

Topics: Malware

Finance and energy companies say they expect a malware attack

Posted by Kristen Ciccolini on Jun 3, 2014 8:30:00 AM

With malware becoming more sophisticated, highly targeted industries like energy and finance admit they are expecting a cyber-security attack within the next 12 months and are working hard on implementing strategies for defense.

In a study of over 200 IT security professionals within these sectors, ThreatTrack Security discovered that nearly 40 percent of respondents are anticipating an Advanced Persistent Threat (APT) attack in the next year.

APTs are highly targeted threats that are sometimes credited to sophisticated hacking organizations funded by government or criminal groups.

Read More

Topics: Malware

Cryptolocker has at least one copycat, what MSPs need to know

Posted by Manny Veiga on Jan 20, 2014 1:46:00 PM

One of the newest strains of malware, cryptolocker, is proving to be an even more dangerous version of its ransomware predecessors, forcing businesses to pay a ransom or abandon their data encrypted and unrecoverable. Even more worrisome is the belief among some experts that there's a cryptolocker copycat sneaking its way around the internet.

Read More

Topics: Malware

Neverquest: The new malware threat financial services MSPs should know

Posted by Manny Veiga on Jan 13, 2014 12:09:00 PM

With cryptolocker already wreaking havoc worldwide, there is a new strain of malware that could be endangering banks' and their customers' financial data – a concern for IT managed services providers serving the financial industry.

Neverquest malware has been deemed more dangerous than Zeus, a virus that has threatened the industry for five years now, TechRepublic reported. Zeus, once loaded onto an individual's device, would steal online banking account passwords and login information and then send this encrypted information to the attacker's servers.

Read More

Topics: Malware

How cloud backup helps SMBs recover from crypto ransomware

Posted by Manny Veiga on Sep 19, 2013 3:30:00 PM

Antimalware vendors are working to fight a new ransomware strain that encrypts victims’ files and holds them hostage for $300. The malware’s sophistication and primary target – businesses – demonstrates the value of using cloud backup to keep an alternative version of corporate files at the ready in case of attack.

Researchers with Emisoft Anti-Malware offered an in-depth breakdown of the new variant of Cryptolocker – also known as Trojan:Win32/Crilock.A. - in a recent blog post. Judging by the file types sought during the encryption process – database files and formats used in the Microsoft Office suite – Emisoft believes attackers are primarily targeting businesses rather than consumers. 

Read More

Topics: Malware