Ransomware gangs are now using spear phishing techniques to deliver CryptoLocker like malware. White list based security solutions (like PC Matic) appear to be the best hope for safety–PC Pitstop
Ransomware Goes SpearPhishing
By Stu Sjouwerman, for KnowBe4.com Security Awareness Training
You may be familiar with a site called Spiceworks. They have free system admin and network management software, and their business model is advertising to the hundreds of thousands that use the software. Their forums are a great indicator of what happens in the trenches of defending against malware. One thread that is incredibly popular has the title: “We fought a cryptovirus (and the virus won).”
The discussion goes on for many pages and indicates the level worry about this new wave of ransomware. Another indicator is Google Trends, which is currently at “100” which represents the peak search interest for the term CryptoLocker, and indicates that the level of infections out there is going up.
It looks like the CryptoLocker gang is ratcheting up their attack level, probably as a response to competition from the CryptoBit and CryptoDefense gangs. The latest infections are caused by emails sent to companies that have job postings at Craigs List. The bad guys look for job postings, and send resumes carrying the Cryptolocker malware as a payload.
This excerpt appears with permission from knowbe4.com.
