
Trend Micro warns that New Variant of CryptoLocker Spreads via Removable Drives

Security firm Trend Micro cautions that cybercriminals have brewed up a variant of the infamous CryptoLocker ransomware, dubbed CRILOCK-A, that uses worm-like characteristics to spread across removable or detachable drives.

The latest edition can spread more easily than previous forms of CryptoLocker. It is also notable because it arrives under various disguises, Trend Micro highlights.

The malware was analyzed and identified as WORM_CRILOCK.A, which can spread via removable or detachable drives. This update is considered important because this routine was never seen in other variants of CRILOCK. The addition of propagation features means that the malicious software can spread easily, unlike other CRILOCK variants.

Besides its propagation technique, the latest malware differs from popular CryptoLocker variants in several ways. Instead of relying on a downloader, mostly UPATRE, to infect computers, this malware pretends to be a starter for software such as 'Adobe Photoshop' and 'Microsoft Office' on peer-to-peer (P2P) file-sharing websites. Uploading the malware to P2P websites allows hackers to easily infect computers without creating or sending spam messages.

Further analysis of WORM_CRILOCK highlights another stark difference from previous editions: the malware has no DGA (domain generation algorithm). Instead, its C&C (command-and-control) servers are hard-coded into the malware, and hard-coding the links makes it simpler to identify and block the related malicious URLs. DGA, in contrast, may allow scammers to evade identification because it employs a huge number of potential domains. The absence of DGA means the malware is still in the course of being polished and improved upon. Therefore, we anticipate later editions to have the DGA ability.

Regardless of its author, who may differ from those behind previous CRILOCK variants, WORM_CRILOCK.A could become criminals' new preferred method of attack.

Users must not use P2P websites to get copies of software, and they must always download software only from legitimate and/or reputable sites. Since WORM_CRILOCK can spread via removable or detachable drives, users must also exercise caution when using flash drives and the like. Trend Micro also advises users not to connect their removable drives to machines that are unfamiliar or unknown.

» SPAMfighter News - 1/9/2014
