Bitcoin Ransomware Now Spreading via Spam Campaigns
Security firms McAfee Labs and Symantec have issued warnings that a type of bitcoin-demanding ransomware, CTB-Locker, is now being propagated through spam campaigns. The malware, the name of which stands for 'Curve Tor Bitcoin Locker', was first identified last year. However, the spam distribution approach appears to be a relatively new development. McAfee published its latest advisory last week, describing CTB-Locker as a form of ransomware that encrypts files on the target computer. Anecdotal evidence suggests .jpg image files are a frequent target. The victim then has to pay a ransom to....
Related News
It is well worth noting how the campaign creators heavily relied on the Neutrino exploit kit. Some readers may recall this name, as it is the preferred way of spreading Bitcoin ransomware on a large scale. Over the past few months, there have been multiple malvertising campaigns.The primary objective of these campaigns is to infect Internet users with ransomware and other malware. Cisco’s Talos Group successfully shut down one of these campaigns, which was relying on the Neutrino Exploit Kit. A significant success for security researchers, albeit the war is far from over. Bringing....
Locky ransomware has been infecting computers and networks all over the world in the past few months. Amazon customers have been deliberately targeted through malicious Microsoft Word documents to spread this malware. Comodo Threat Research Labs discovered this spear phishing campaign. Security researchers labeled it as one of the largest spam ransomware attacks of 2016. This attack took place on May 17 and last for twelve hours. During this time, 30 million spam messages have been sent out to Amazon users under the disguise of being an order shipment update notification. Spreading Locky....
Locky remains one of the biggest ransomware threats to this very date. Now that the Necurs botnet is back, it looks like a new version of Locky Bitcoin ransomware is available as well. A new spam campaign is underway to infect as many computers as possible. Roughly three weeks ago, the Necurs botnet suddenly went offline, leaving security researchers puzzled as to what happened to it. This reprieve was rather short-lived, however, as the botnet returned in full force a few days ago. Moreover, it is spreading an improved version of both Locky ransomware and the Dridex banking trojan. Necurs....
Distribution of this malware is showing signs of innovation as well. Criminals have been switching between exploit kits, spam campaigns, and social engineering attacks to secure their payday. The topic of ransomware never seems to be far away these days. Online threats are a significant concern for both individual users and enterprises around the world. With the first half of 2016 behind us, it is evident ransomware will not go away anytime soon. Enterprises lost US$209m due to these attacks in the first six months of 2016. Ransomware Leads To Mounting Financial Losses. The new report,....
For those of you who feel the need to check through every email you get, including everything that shows up in your dreaded spam folder, you might want to rethink your methods from here on out. McAfee has issued a warning to users that a new form of bitcoin ransomware known as CTB-Locker is now being sent to personal computers through a spam campaign. While first identified in 2014, CTB, or "Curve Tor Bitcoin" Locker is still a relatively new development that have made some of the affected users ask the same question "What is bitcoin?". The ransomware is a sneaky form of malware that....