Huge Ransomware Campaign Hits Internet

Latest news
PC Virus Attacks IU Health Goshen Hospital Server Unusual Malware Obtainable from Romanian Social Welfare Website Ascend Media Litigated by Facebook for Malware and Scam FDA Employees File Lawsuit, Claiming the Agency Used Spyware against Them Sheriff Cautions Grant County Citizens about New Phishing E-mail

Support our Sponsors

uClip Clipping Path Service

Main Menu

Resources

Login
Username Password Remember Me Forgot your password? Forgot your username? Create an account

Syndicate

Popular
Amazon Accountholders get Fresh Phishing E-mail Enterprises Facilitated through Malware Circulation in Government Cyber-criminals Execute e-Payment Malware Assault Eleven Survey Rated Spam the Biggest E-mail Security Threat in Ten Years Websites Diverting End-users onto ‘Blackhole’ Increasing Within Russia: ESET

Trampolines usa

Huge Ransomware Campaign Hits Internet

Written by Administrator

Saturday, 13 March 2010 08:00

According to Fortinet, an Internet security firm, miscreants recently hit Internet with a massive campaign of ransomware, as per the news published on NETWORKWORLD on March 6, 2010.

Spotted by Fortinet, the HTML/Goldun.AXT campaign made up for over half the overall malware identified for the entire month of February 2010. This happened within the time period of just two days, i.e. February 8 and 9, 2010, pointing towards its unusual magnitude.

The daily detected amount for HTML/Goldun.AXT ransomware containing malicious e-mails was quite near the record levels during these two days. The campaign used the filename "report.zip" to deliver the malware, which when executed would download rogue AV.

This malware actually downloaded "Security Tool", a ransomware. Security Tool is an advanced version of "Total Security," a group of scareware which was prevalent in 2009.

The e-mail used in this HTML/Goldun.AXT campaign might appear familiar because the campaign has already been experienced by people back in year 2008. It was during the end of the year, when the first huge flood of scareware hit the cyberspace, said Fortinet. A similar spam template delivered the Goldun Trojan at that time. Now, criminals are using it to distribute the FakeAV downloader which installs Security Tool.

Compared to the older one, this campaign uses more recently evolving techniques, according to the experts. In this case, besides asking the victim to purchase a futile license for the scareware, the product also blocks the computer system's applications and data. Not only this, infected user gets an access only after making the payment for the product via Internet Explorer, the only application left unlocked.

The variation is that a default ransom-oriented approach has substituted old school scareware. The old-style scareware works on the assumption that users are unaware that they are being scammed, whereas the latest one assumes that the users will be well-informed of being scammed but won't know the way to come out of it.

Researchers, in this context, commented that the threat predictions for 2010 regarding "rise of ransomware" appear turning true, as evident from flood of volume Fortinet witnessed in this single campaign.

Read full article...