Here Are Some New And Improved Ransomware Variants Out In The Wild

By now, you should be very familiar with ransomware and just how prevalent it is on the internet. It’s a global problem, but Australia has become a popular target for this kind of cyberattack, which can hold computers to ransom. While the IT security industry is constantly finding new ways to combat this type of threat, cybercriminals are just as quick to develop new varieties of ransomware that evade detection and mitigation. Here are a few new and interesting strains of ransomware that have been spotted by security vendor FireEye.

These new ransomware variants use a number of new tactics to increase their chances of infecting computers they target, according to the FireEye research team:

  • Chimera: The operators behind the Chimera ransomware not only used the malware to encrypt victims’ files, but further threatened to publish the encrypted data if victims failed to pay the ransom. The threat actors began targeting German-based small and medium-sized business enterprises around mid-September 2015.
  • Ransom32: Ransom32, first publicly reported in late December 2015, is purportedly one of the first ransomware variants based entirely on JavaScript, potentially allowing for cross-operating system (OS) compatibility and packaging for both Linux and Mac OS.
  • LowLevel04: According to open-source reporting, operators of LowLevel04 purportedly spread the ransomware using the unconventional infection mechanism of exploiting Remote Desktop and Terminal Services.
  • Linux.Encoder.1: According to open-source reporting, Linux.Encoder.1 debuted in late 2015 as one of the first ransomware variants targeting Linux web-based servers. While the encryption capabilities of the earliest variants proved to be suspect – with multiple reports alleging faults in its predictable encryption key – the targeting associated with this malware family represents a deviation from more traditional Windows-based attacks.

Another thing that the FireEye team has noticed is that ransomware cybercriminals are loving the attention they are getting in the media. This may have encouraged more ransomware activity, which would explain the spike in ransomware attacks in the month of March. But it’s better to keep the public informed about the dangers of ransomware so that people can be more vigilant about these potential threats.

[Via FireEye Threat Research blog]
