Huge Ransomware Campaign Hits Internet
According to Fortinet, an Internet security firm, miscreants recently hit the Internet with a massive ransomware campaign, as reported by NETWORKWORLD on March 6, 2010.
The HTML/Goldun.AXT campaign, spotted by Fortinet, accounted for over half of all malware identified during the entire month of February 2010. It did so within just two days, February 8 and 9, 2010, which points to its unusual magnitude.
The daily detection volume of malicious e-mails carrying the HTML/Goldun.AXT ransomware was close to record levels during these two days. The campaign used the filename "report.zip" to deliver the malware, which, when executed, would download rogue AV.
The malware downloaded "Security Tool", a piece of ransomware. Security Tool is an advanced version of "Total Security," a group of scareware programs that was prevalent in 2009.
The e-mail used in this HTML/Goldun.AXT campaign might appear familiar, because people already experienced the campaign back in 2008. That was at the end of the year, when the first huge flood of scareware hit cyberspace, said Fortinet. A similar spam template delivered the Goldun Trojan at that time. Now, criminals are using it to distribute the FakeAV downloader that installs Security Tool.
Compared with the older one, this campaign uses more recently evolved techniques, according to the experts. Besides asking the victim to purchase a worthless license for the scareware, the product also blocks the computer system's applications and data. The infected user regains access only after paying for the product via Internet Explorer, the only application left unlocked.
The difference is that a ransom-oriented approach has, by default, replaced old-school scareware. Old-style scareware works on the assumption that users are unaware they are being scammed, whereas the latest variety assumes that users will be well aware of being scammed but won't know how to get out of it.
In this context, researchers commented that the threat predictions for 2010 regarding the "rise of ransomware" appear to be coming true, as is evident from the flood of volume Fortinet witnessed in this single campaign.
» SPAMfighter News - 13-03-2010