[ISN] Ransomware going strong, despite takedown of Gameover Zeus

http://arstechnica.com/security/2014/09/ransomware-going-strong-despite-takedown-of-gameover-zeus/ By Robert Lemos Ars Technica Sept 7 2014 In late May, an international law enforcement effort disrupted the Gameover Zeus (GoZ) botnet, a network of compromised computers used for banking fraud. The operation also hobbled a secondary, but equally important cyber-criminal operation: the Cryptolocker ransomware campaign, which used a program distributed by the GoZ botnet to encrypt victims’ sensitive files, holding them hostage until the victim paid a fee, typically hundreds of dollars. The crackdown, and the subsequent discovery by security firms of the digital keys needed to decrypt affected data, effectively eliminated the threat from Cryptolocker. Yet, ransomware is not dead, two recent analyses have found. Within a week of the takedown of Gameover Zeus and Cryptolocker, a surge of spam with links to a Cryptolocker copycat, known as Cryptowall, resulted in a jump in ransomware infections, states a report released last week by security-services firm Dell Secureworks. Cryptowall first appeared in November 2013, and spread slowly, but the group behind the program were ready to take advantage of the vacuum left by the downfall of its predecessor. Being prepared paid off: In six months, the Cryptowall group infected nearly 625,000 systems, and even though only 0.27% of victims paid, the group still made $1.1 million, according to data from a command-and-control server discovered by Dell Secureworks. Ransomware is here to stay, the company concluded. […]




Facebooktwittergoogle_plusredditpinterestlinkedinmail