According to research from computer security firm Malwarebytes, ransomware is fast becoming a ubiquitous security threat, with nearly 40% of all businesses experiencing an attack in the past year. Cybercriminals are looking for easier ways to earn higher profits from more lucrative targets, and ransomware gives them one. Ransomware has matured and is being used by attackers at a higher rate, affecting many organizations.
Just as in 2016, when ransomware showed itself to be the biggest security threat, we also witnessed some remarkable countermeasures and prevention steps in February 2017. Here are some top stories that show how this battle went last month:
1, Feb 2017:
Researchers at Avast added three more free ransomware decryptors to their collection. They can restore data encrypted by some devastating ransomware: Jigsaw, HiddenTear, and Stampado/Philadelphia. Avast now offers a total of 15 automatic decryption solutions.
3, Feb 2017:
A mysterious ransomware strain attacked the IT infrastructure of Licking County, Ohio. The compromise affected a number of the County’s critical services, including the official website, phone systems and internal computer network.
3, Feb 2017:
The United Kingdom’s National Crime Agency (NCA) detained two 50-year-old individuals in London who supposedly infected the closed-circuit television network of Washington, D.C. with ransomware. The attack was initiated in mid-January and disabled 65% of the US capital’s CCTV systems.
6, Feb 2017:
Android ransomware is rapidly evolving into a more intelligent and flexible menace. The sample called “Android.Lockdroid.E” is one of a kind: it uses a hidden dropper that first determines whether a phone is rooted or not, and then adjusts its activity.
7, Feb 2017:
A new crypto threat known as Erebus emerged. At first it appeared run-of-the-mill, but it stands out from others in several ways. Erebus evades the User Account Control prompt and demands a comparatively low ransom of .085 BTC ($90) for decrypting hostage files.
9, Feb 2017:
A new ransomware, “Serpent”, from the HadesLocker family was found to be proliferating via spam, using a Microsoft Word macro vulnerability to infect computers. At present it targets Danish users, uses a combination of the AES-256 and RSA cryptosystems, and demands .75 BTC for decryption.
14, Feb 2017:
Security geeks from the Georgia Institute of Technology took the floor at the RSA Conference to present their proof-of-concept ransomware that affects Supervisory Control and Data Acquisition (SCADA) environments and Industrial Control Systems (ICS).
15, Feb 2017:
It has been revealed that the most recent edition of the “Cerber” ransomware does not encrypt data related to security solutions. It ships with a whitelisting feature that skips files used by firewalls, antispyware and antivirus software. This may be a show of defiance by the extortion crew.
21, Feb 2017:
ESET published a comprehensive report on Android ransomware trends. According to their findings, threat actors are increasingly targeting the Asian market. Malicious Android files typically arrive with spam from unofficial app download sources.
22, Feb 2017:
A ransom trojan called The Trump Locker became known in the cybercrime arena. It uses nearly the same code as the previously known Venus Locker infection. The Trump Locker uses two different extensions (.TheTrumpLockerf and .TheTrumpLockerp) to mark different types of files and requests $50 worth of Bitcoin for decryption.
23, Feb 2017:
A new modification of the Android.Lockdroid.E ransomware featured an exceptional way of interacting with victims. After it is successfully introduced to the victim’s computer, the ransomware requires the infected user to hit a specified button and pronounce the unlock code they have obtained. Moreover, speech recognition functionality has never been used by online extortionists before.
The emergence of increasingly complex ransomware proves that the evolution of ransomware is ongoing. So, backing up your data properly on a regular basis is critical. Also make sure that your backups are not always connected to your devices; otherwise, your backups could be held for ransom as well.