CryptoLocker Ransomware Scams Still Thriving, Reports Symantec
Symantec, which published its August 2014 ISTR, states that ransomware of the CryptoLocker type has jumped eightfold in infections against the number of January 2014, thus enormously keeping behind ransomware scams of fake police alerts.
When during late-May, same year, the banker Trojan GameOver ZeuS' botnet was disrupted, a vital distribution vector that the botnet served for disseminating CryptoLocker was greatly affected.
Ever-since, security companies created a service which enables file recovery for the victims of CryptoLocker devoid of succumbing to ransom payments to extortionists.
FBI's computations starting June indicate that approximate 545,000 PCs globally, with 50% of that number found inside USA, contracted CryptoLocker, during September 2013-May 2014. The sums lost due to this malware were $27 million (16m pounds).
CryptoLocker, at its peak, proved extremely successful. Even today, it's well-known via its "tribute bands" form despite the effective neutralization of its main scam.
According to Symantec, the CryptoLocker type of ransomware has gained over 700% rise till date.
These ransomware editions of file-encryption started with 1.2% of the total ransomware infections in January 2014, however, currently account for 31% in August-end 2014. A particular strain called Trojan.Cryptodefense started emerging in massive detections during early-June. When it was July-end, the strain accounted for 77% of the total CryptoLocker-kind ransom scams in 2014 as of now. Symantec, in its ISTR predicts that CryptoLocker is set to get increasingly frequent during 2014.
In June, July then August, spear-phishing electronic mails that were blocked daily averaged at 88, 54 and 20 respectively, all of them lower than the mean 86 of 2014 till date, while a little more compared to the mean 84, on the daily basis, for entire 2013. These personalized e-mail-type assaults used .doc and .exe extensions most commonly for their embedded malicious files, while the attachments having .exe extension were the maximum in August at 31.8%. Manufacturing sector got 29% of all targeted spear-phishing messages, once again making the sector the highest recipient among all industrial sectors.
Finally, a total of 12 incidences exposed 31.5m-or-more user identities during August 2014, a hike attributed to an extensive hack within South Korea that involved 27m identities.
» SPAMfighter News - 9/30/2014