Cryptolocker spawns new variant
Posted by: Timothy Weaver on 01/02/2014 05:07 PM
A variant of the infamous CryptoLocker ransomware is spreading across removable drives.
The CRILOCK-A variant spreads more easily than previous versions. Its hook is an offer of fake Adobe Photoshop and Microsoft Office software activators.
Trend Micro warns:
Analysis of the malware, detected as WORM_CRILOCK.A, shows that this malware can spread via removable drives. This update is considered significant because this routine was unheard of in other CRILOCK variants. The addition of propagation routines means that the malware can easily spread, unlike other known CRILOCK variants.
Aside from its propagation technique, the new malware bears numerous differences from known CryptoLocker variants. Rather than relying on a downloader malware — often UPATRE — to infect systems, this malware pretends to be an activator for various software such as Adobe Photoshop and Microsoft Office in peer-to-peer (P2P) file sharing sites. Uploading the malware in P2P sites allows bad guys to easily infect systems without the need to create (and send) spammed messages.
Trend Micro has commented on how to protect a computer and a network against CryptoLocker malware in a blog post here.