Cryptolocker Copycats Emerge
Not surprisingly, new variations of the Cryptolocker ransomware are beginning to emerge. The latest is apparently less sophisticated but no less problematic.
Hot on the tail of devilish Cryptolocker comes a copycat software nasty that holds victim’s files to ransom – but the newcomer’s encryption is potentially breakable, we’re told.
Security startup IntelCrawler claims a “large-scale distribution” of the new so-called Locker malware began earlier this month.
Locker, once it has infected a PC, copies and encrypts a victim’s documents, adding a “.perfect” extension, and then deletes the original data. The trojan also places a contact.txt file in each directory containing contact details of the malware author – usually a throwaway mobile phone number or an email address..–The Register
But shortcomings in the programming will apparently make it possible for researchers to develop skeleton keys capable of unscrambling files on compromised kit. IntelCrawler’s researchers are working on a universal antidote.–The Register
As with other malware distribution networks, crime gangs are using a variety of methods to infect machines. Some are distributing it through spam while others are using landing pages that for example, host fake music track files. One example was a Tina Turner song, babyBaby.mp3.exe. —ZDnet
CryptoLocker Gang Earns Millions in Just 100 Days
Research by Dell Secureworks Counter Threat Team (CTU) has shown that the cyber-criminals behind the CryptoLocker ransomware have successfully infected up to 250,000 systems and are mainly targeting victims in the US and UK.
Based on the number of systems contacting a server set up specifically by Dell Secureworks soon after the emergence of CryptoLocker in September, researcher Keith Jarvis puts the number of infected systems globally at between 200,000 and 250,000.–http://www.ibtimes.co.uk By DAVID GILBERT | December 19, 2013
In his report, Jarvis estimates that on a very conservative basis just 0.4% of victims have paid the ransom since CryptoLocker appeared four months ago.
The average ransom paid is around $300 (£183) and combining these figures with the number of systems infected, means that the crooks behind CryptoLocker will have earned somewhere in the region of $300,000 in just 100 days.
However this figure could be many times larger as Jarvis says the 0.4% estimate is a “minimum” and is “very likely many times” more than this, meaning potential earnings could already be in the millions for the gang operating CryptoLocker.– http://www.ibtimes.co.uk By DAVID GILBERT | December 19, 2013