Ransomware Expands Crypto-Extortion from Adult Sites to HR Departments.
(Tampa Bay, FL) May 19, 2014 --CryptoLocker is ratcheting up attack levels, according to new reports issued by KnowBe4, a Tampa Bay based security company. The latest infections are caused by emails sent to companies that have job postings at Craigs List. The bad guys look for job postings, and send resumes carrying the Cryptolocker malware as a payload. The moment anyone opens these resumes, the ransomware kicks in and downtime is the result. People involved with hiring are very often the people with the most access; the owner, CEO, HR or department heads.
On the heels of CryptoLocker comes Kovter, a new strain of ransomware that targets visitors of adult porn sites. This malware scans your browser history and displays this content while locking your computer as “evidence”. If it doesn’t find any, it will invent it by redirecting your browser to a random adult site, the log the history and display its content. Its prevalence has doubled in the past month, according to reports by threat researchers at Damballa, an Atlanta-based security firm.
According to Stu Sjowerman, CEO of KnowBe4, “These method pose a high risk to companies looking to hire along with individual users. The cybergangs running these Crypto-variants will try any number of things to outdo each other and take your hard earned money. Since the weakest point in any security model is the person who touches the keyboard, it is vital to educate users what to look for and stepping them through Security Awareness Training will make them think twice before clicking on a link.”
The online IT community Spiceworks and their forums are full of horror stories of companies getting hit with CryptoLocker and CryptoDefense. One thread that is incredibly popular has the title:"We fought a cryptovirus (and the virus won)." The discussion goes on for many pages and indicates the level worry about this new wave of ransomware.
According to Sjouwerman (pronounced “shower-man”), “Working backups are essential. How much of a danger these present can largely depend on how you have organized your backups. Mitigating the many "crypto" infections can take a few hours to a few days, and can vary from an annoyance to significant losses.”
The United States Computer Emergency Readiness Team (US-CERT) has posted warnings about Cryptolocker and include steps for prevention: http://www.us-cert.gov/ncas/alerts/TA13-309A
For more information, visit www.KnowBe4.com
About Stu Sjouwerman and KnowBe4
Stu Sjouwerman (pronounced “shower-man”) is the founder and CEO of KnowBe4, LLC, which provides web-based Security Awareness Training (employee security education and behavior management) to small and medium-sized enterprises. A data security expert with more than 30 years in the IT industry, Sjouwerman was the co-founder of Inc. 500 company Sunbelt Software, an award-winning anti-malware software company that he and his partner sold to GFI Software in 2010. Realizing that the human element of security was being seriously neglected, Sjouwerman decided to help entrepreneurs tackle cybercrime tactics through advanced security awareness training. KnowBe4 services hundreds of customers in a variety of industries, including highly-regulated fields such as healthcare, finance and insurance and is experiencing explosive growth with a surge of 427% in 2013 alone. Sjouwerman is the author of four books, with his latest being Cyberheist: The Biggest Financial Threat Facing American Businesses.
Related Pages: Spear Phishing