Ransomware no cause for New Year celebration: Sophos

Dec 16, 2013 by Nancy Owano weblog
Cryptolocker encrypts a victim’s files and demands a ransom.

(Phys.org) —From operating systems on desktops to software and peripherals on smartphones, information thieves have been clever, inventive and successfully stealthy in finding pathways for stealing personal information. Malicious software is alive and well; one only has to glance at the daily headlines reporting on security exploits in government and the private sectors. A new report from the security firm Sophos, "Security Threat Report 2014," calls attention to the latest types of security headaches. They include ransomware, the type of malicious software that locks you out of your computer or your data and demands money to let you back in. Ransomware itself is nothing new: the ploy is to make files inaccessible and then demand money before the attackers hand control of the system back to the victim.

But this year Sophos security experts saw a newer ransomware version, called Cryptolocker. In a blog posting about the report, company CTO Gerhard Eschelbeck called Cryptolocker an exceptionally nasty strain, locking users out of their files with the use of "extremely strong" encryption. The Cryptolocker thieves have thus far been successful in getting their victims to pay large sums, in electronic payments. The report said that Cryptolocker is ransomware that "adds itself to the list of Windows programs that run at startup, tracks down an infected server, uploads a small ID file from your computer, retrieves a public key from that server (which stores a matching private key), and then encrypts all the data and image files it can find on your computer."

The attack may come via e-mail spam, but Cryptolocker often arrives through botnets. More generally, the BBC said in reporting on the Sophos findings, cybercrime kits have helped many people with only light technical skills enter the world of high-tech crime for the first time, with some kits even offering technical support for those who need advice on how to roll their own malicious programs. The kits have been a contributing factor in the rise in malicious programs circulating online. The BBC said that one study of some servers run by the criminals behind Cryptolocker indicated 12,000 victims a week were being hit.

The Sophos report also noted ransomware targeting Android devices. In June, Sophos researcher Rowland Yu discovered the first ransomware attack against Android devices. Posing as an antivirus solution, the ransomware app asked for a $99.99 payment to restore access to Android devices.

The new Sophos security threat report was released on December 10. Later that week, the Sophos blog issued a specific warning about ransomware, predicting its rise. "Ransomware, including the infamous file-encrypting Cryptolocker, posed a major threat in 2013. But this cyber-crimewave could get much worse in 2014." According to the blog posting, cybercriminals are plotting to create new ransomware using automated malware kits.

James Lyne, global head of research at Sophos, told BBC News that "Cryptolocker is very much a deviation from the norm, and I actually think it is a sign of things to come."

More information: Report: www.sophos.com/en-us/medialibrary/PDFs/other/sophos-security-threat-report-2014.pdf
