Computer Plague Keeps on Coming Back

Cryptolocker
If you think that authorities managed to take control of the annoying computer viruses roaming the online universe, then you had better think again.

Ransomware, a particularly annoying breed of virus, is again spreading like the plague. This malware is programmed to lock users out of their computer files until they pay up – and it is proving incredibly difficult to exterminate.

A major ransomware operation called Cryptolocker was supposedly halted by the U.S. Federal Bureau of Investigation (FBI) in May 2014, but security experts say it is only a setback.

Cryptolocker was designed to use a massive network of hijacked computers called a "botnet" to spread the virus. The FBI, foreign law enforcement and private security companies teamed up to cut off communication between that botnet and victims' devices. They seized Cryptolocker's servers and replaced them with their own.

However, as antivirus maker Bitdefender points out, all that the effort accomplished was to stop Cryptolocker's virus delivery system. Cryptolocker lives on, and its criminal masters just need to find a new botnet to start delivering viruses to new computers once again.

If the criminals tweak the virus' code and find a different set of servers, law enforcement is back at square one.

"All the attackers need to do is update the malware," said Bogdan Botezatu, Bitdefender's senior threat analyst.

In just nine months, Cryptolocker had kidnapped the files of 400,000 people – most of them Americans. Victims were told to pay US$300 within three days in order to receive the key to their files. Only a tiny fraction of them paid up, but the criminals still collected more than US$4 million.

"This is a cyber stickup," said Julie Preiss, an executive at Damballa, a cybersecurity firm that assisted the FBI operation.

Even after Cryptolocker was disrupted, victims can still pay the ransom. But without the ability to communicate with Cryptolocker's network, the victims won't be able to get the keys to unlock their files. Those are gone forever.

And now copycats are popping up just about everywhere. These include Cryptowall, BitCrypt and CryptorBit, which were all able to find a sneaky way to avoid law enforcement by hiding the locations of the botnet's servers.