By now, you should be very familiar with ransomware and just how prevalent it is on the internet. It's a global problem, but Australia has become a popular target for this kind of cyberattack, which can hold computers to ransom. While the IT security industry is constantly finding new ways to combat this type of threat, cybercriminals are just as quick in developing new varieties of ransomware to evade detection and mitigation. Here are a few new and interesting strains of ransomware that have been spotted by security vendor FireEye.
These new ransomware variants use a number of new tactics to increase their chances of infecting the computers they target, according to the FireEye research team:
- Chimera: The operators behind the Chimera ransomware not only used the malware to encrypt victims’ files, but further threatened to publish the encrypted data if victims failed to pay the ransom. The threat actors began targeting German-based small and medium-sized business enterprises around mid-September 2015.
- LowLevel04: According to open-source reporting, operators of LowLevel04 purportedly spread the ransomware using the unconventional infection mechanism of exploiting Remote Desktop and Terminal Services.
- Linux.Encoder.1: According to open-source reporting, Linux.Encoder.1 debuted in late 2015 as one of the first ransomware variants targeting Linux web-based servers. While the encryption capabilities of the earliest variants proved to be suspect, with multiple reports alleging faults in its predictable encryption key, the targeting associated with this malware family represents a deviation from more traditional Windows-based attacks.
Another thing that the FireEye team has noticed is that ransomware cybercriminals are loving the attention they are getting in the media. This may have encouraged more ransomware activity, which would explain the spike in ransomware attacks in the month of March. But it's better to keep the public informed about the dangers of ransomware so that people can be more vigilant about these potential threats.