Ransomware Is Evolving

Do you remember the WannaCry ransomware?

It ran rife about 18 months ago locking down an estimated 200,000 computers owned by giants such as Boeing, Renault, FedEx, and Telefónica.

The disaster could have been averted if the companies in question had applied patches. The interesting thing about WannaCry and the reason for its rapid spread is that it contained a worm component.

Despite news about it abating, WannaCry is still very much with us. In fact, according to a recent blog on BullGuard, 17% of ransomware attacks in Q3 of 2017 were due to WannaCry, and in Q3 of 2018, that number rose to 29%.

There’s a new malware in town

Many types of ransomware are opportunistic. Their modus operandi is a simple automation, like infected email attachments, sent to a vast number of potential victims.

However, a new kid on the block, SamSam, does things a bit differently.

This ransomware has been around for a while. However, according to BullGuard, a group of cyber fraudsters have used it to successfully extort $6 million over the past two and a half years.

Unlike other attacks, they’ve adopted a manual approach making it hard to detect and difficult to stop.

It’s unlikely to affect home users because the crooks are targeting large corporations in search of massive ransoms.

However, it does show that you can never be complacent when it comes to cyber protection. New ideas are always emerging along with new methods of attack. That’s why it’s essential you make sure a trusted cybersecurity product protects you and your data.

 

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich, Bury St Edmunds, and surrounding villages.

Source: BullGuard

Malware – There’s A New One In Town

A powerful malware is spreading through phishing campaigns using a Microsoft Word attachment.

It’s called Smoke Loader, and, according to Bullguard, has several components:

  • It can download browser plug-ins for Firefox, Internet Explorer, Chrome, Opera, QQ Browser browsers and Thunderbird and Outlook email clients
  • These plug-ins steal stored credentials, such as passwords, and also sensitive information transferred over a browser
  • The malware is injected into applications like TeamViewer, an application that allows users to remotely view others desktops

Although it’s been around for some years, it has become increasingly sophisticated.

Its creators have recently added anti-analysis techniques to make forensics difficult. As a result, it’s harder to trace the source of the servers. Plus new runtime AV scanners, tracing, and debugging features to confound researchers who try and find out more about it.

Keep your eyes peeled

The best way to guard against phishing campaigns, other than using good security software, is to be on your guard.

Phishing emails contain some form of bait message, such as an invoice, a parcel for collection or a PDF requiring downloading.

You can protect yourself by:

  • Casting a healthily suspicious eye on an unexpected email promising something
  • Questioning emails from apparently legitimate organisations with which you have had no dealing. Cybercrooks are good at mocking up emails that appear to be legitimate
  • Looking out for spelling or syntax errors; these are often clues that the email is not what it claims to be
  • Never revealing your personal information such as passwords, bank account numbers and card information even if the mail appears to be from your bank. If in doubt call your bank and speak to someone in the fraud department

MPM Computer Consultancy provides IT Services, Support and Training to sole traders and small businesses in Ipswich, Bury St Edmunds, and surrounding villages.

Source: Bullguard