ESET Reports Major Increase of Dangerous Filecoders Trojans Extorting Ransom After Encrypting Data
ESET HQ Malware Research Lab is reporting an unusual spike in the activity of Filecoder malware: trojans that encrypt user files and try to extort a ransom from the victim in exchange for decryption software. ESET LiveGrid® technology, the company's cloud-based malware collection system, shows that the weekly number of Win32/Filecoder detections has risen by over 200% since July 2013 compared with the average for January to June 2013. A significant share of detections (44%) is from Russia, but a significant share is also reported in southern Europe (Italy, Spain), Central and Eastern Europe (Germany, Czech Republic, Poland, Romania and Ukraine), and the United States.
To infect the computer, cybercriminals are using various infiltration methods: drive-by downloads from malware-laden websites, e-mail attachments, installation through another Trojan or Backdoor, or even manual installation by the attacker.
Robert Lipovsky, Malware Researcher at ESET, said, "The Win32/Filecoder malware family is more dangerous than other types of so-called ransomware as they usually encrypt pictures, documents, music and archives. A wide range of techniques and levels of sophistication has been seen in different variants over time. It can be very expensive. Malware samples in this malware category usually request sums around 100 - 200€, however some have been seen extorting up to 3000€. The high amount is consistent with the fact that the attackers usually target businesses that can usually afford to pay higher ransoms than individuals."
One recent variant puts the victims under pressure by displaying a countdown timer indicating that the encryption key will be permanently deleted, making the recovery of the encrypted files nearly impossible. ESET advises Internet surfers to stay protected with regularly updated antivirus software (ESET products detect these dangerous files). However, it is also a good idea to password-protect anti-malware software's settings to prevent them being altered by an attacker, and to back up regularly.
About ESET
Founded in 1992, ESET is a global provider of security solutions for businesses and consumers. ESET's flagship products ESET NOD32 Antivirus, ESET Smart Security and ESET Cyber security for Mac are trusted by millions of global users. ESET NOD32 Antivirus holds the world record for the number of Virus Bulletin "VB100" Awards, and has never missed a single "In-the-Wild" worm or virus since the inception of testing in 1998.
The Company has global headquarters in Bratislava (Slovakia), with regional distribution headquarters in San Diego (U.S.), Buenos Aires (Argentina), and Singapore. ESET has malware research centers in Bratislava, San Diego, Buenos Aires, Prague (Czech Republic), Krakow (Poland), Montreal (Canada), Moscow (Russia), and an extensive partner network in 180 countries.
In India, ESET products are exclusively supplied and supported by "ESS Distribution Pvt Ltd". The sales of ESET products are executed through the Channel Partners across India. Website: www.esetindia.com/
About ESET LiveGrid® technology
Built on the ThreatSense.NET advanced early warning system, ESET LiveGrid® is designed to provide additional levels of security to your computer. It constantly monitors your system's running programs and processes against the latest intelligence collected from millions of ESET users worldwide. Additionally, your system scans are processed faster and more precisely as the ESET LiveGrid® database grows over time.
ESET's cloud-based LiveGrid® technology comprises several parts, which can be roughly divided into three types of data that are sent from participating clients' computers to our Security Research Lab: detection statistics (also known as ThreatSense.Net), malicious and suspicious files, and various metadata about files. All of this is vital for making detection more effective. The information flows the other way (from the cloud to the client) as well. The benefits of cloud-assisted scanning include a faster response time (not having to wait for a full signature update), better scanning performance (optimization) and more accurate detection with fewer false positives.