TMCnet News

United States : SYMANTEC finds ransomware called CRYPTODEFENSE mimicking CRYPTOLOCKER [TendersInfo (India)]
[April 10, 2014]



(TendersInfo (India) Via Acquire Media NewsEdge) Symantec has found a ransomware sample called CryptoDefense that resembles CryptoLocker, an infamous piece of ransomware, and security researchers are examining the new malware.

CryptoDefense, just like CryptoLocker, compromises a PC and encrypts the system's critical data files, keeping them locked until the victim pays a ransom. The ransom asked amounts to $500, which must be paid in bitcoins through a Tor-hosted website that keeps the cyber-criminals from being traced.



The payment must be made within 4 days, failing which the demanded amount doubles. The crooks use an RSA 2048 encryption key to ensure that the encrypted files can't be retrieved unless the ransom is paid.

Symantec researchers observed CryptoDefense being distributed through spam mails, impersonating a PDF file.


The malware connects to 4 remote URLs to transmit essential data from the infected PC. It then encrypts the data files and sends the encryption key back to its command-and-control server.

The malware adds instructions for the victim, along with the sum to be paid, to every directory containing encrypted files.

There is a certain method by which victims can regain the locked files, though this is possible only because the developers, who used RSA 2048 encryption, overlooked the fact that the decryption code is not removed.

But since getting the decryption code requires some technical knowledge, an average end-user could not manage to free himself from CryptoDefense's fetters. One major drawback of CryptoDefense is that it yielded $34,000 to the malware's handlers within just one month.

Symantec also stated that its researchers had already stopped 11,000 CryptoDefense infections in 100 or more countries. The USA had the most, while other countries affected were Canada, the UK, Holland, Italy, India, Japan and Australia.

(c) 2014 Euclid Infotech Pvt. Ltd. Provided by Syndigate.info, an Albawaba.com company
