New Ransomware Hits the Street

Friday, April 17, 2015 @ 01:04 PM gHale


TeslaCrypt, a new addition to the ransomware scene, has the usual assortment of malware features, but it can also encrypt file types associated with video games and game-related software, as well as iTunes-related files.

The main delivery method is through exploit kits like Angler, but it also uses others like Sweet Orange and Nuclear.


Nuclear is the kit of choice in the latest attack, in which compromised WordPress sites redirect victims to the site hosting the exploit kit.

In one particular case discovered by Brad Duncan, security researcher at Rackspace, the kit exploited a Flash vulnerability affecting an out-of-date version of Flash Player (13.0.0.182).

The delivered ransomware still uses a visual identity similar to that of Cryptolocker. When victims visit the site that instructs them on how to pay the ransom, the identity of the ransomware becomes readily apparent.

The infection attempt is new, and it’s too early to tell how many users will pay the ransom. As of right now, it appears no one has paid.

Even though there are now ways to restore the files encrypted by some types of ransomware without paying the ransom, the best protection is to regularly back up all the files you consider important.


