Microsoft Reveals that Levels of Reveton Ransomware Doubled in 2013

V3.co.uk reported on 8th May, 2014 stating that the number of cyber attacks using the infamous Reveton ransomware has doubled over the past year.

V3.co.uk published news on 8th May, 2014 quoting a blog post about Microsoft Trustworthy Computing's (TwC's) Intelligence Report Volume 16 for the period July to December 2013 by Tim Rains, Director of TwC as "the attacks tended to look like frenzied waves targeting specific regions."

Rains said that the threat of top ransomware (Reveton) encountered increased by 45% globally between the first and second halves of 2013.

Rains added that as per data, threats of ransomware are typically concentrated geographically for time periods as cybercriminals try to make quick money which is an increasingly interesting tactic.

The growth in Reveton ransomware happens in spite of arrest of one of its creators in 2013, which underlines the difficulties in stopping criminals from using tools for fraudulent purposes.

Reveton ransomware is a dangerous form of malware which particularly locks the screen of the infected machine. The attackers normally demand ransom from the victim to unlock the machine.

This and other families like Urausy and Crilock/CryptoLocker normally send an alert purporting to be from FBI or a law enforcement agency. Darkreading.com published a report quoting Holly Stewart, Senior Program Manager of Microsoft Malware Protection Center, as saying "even if victims pay the ransom, there is no guarantee of getting their files back nor getting the control of their computers. Also if you pay, then you create a risk of being identified as an easy target who will pay."

It (ransomware) is mostly active in Europe mainly in Italy, Belgium, Spain, Greece, Portugal and Austria. She says that in 4th Quarter of 2013, Crilock was encountered in six computers out of 10,000, whereas in Europe - Reveton was encountered in seven computers out of 1,000. Similarly, UK encountered Crilock in five computers out of 10,000.

In view of this new information about cyber-threats and ransomware, Microsoft advises customers to be protected by taking and following precautions like: use latest software whenever possible and keeping it updated, running good antivirus, downloading from only trusted sources and keeping files as back up.

» SPAMfighter News - 5/22/2014