It’s Baaack – The Return of CryptoLocker

Since last week I’ve been following some fascinating reports about the return of this ransomware behemoth. There are increasing accounts about the resurgence of CryptoLocker ransomware.  As we have learned with Lazarus Group and Shamoon, just because it’s dormant doesn’t mean it’s dead.

Attacks have been steadily climbing since January. And what is interesting is how attackers are leveraging the Certified Electronic Email in Italy to spread the joy. This service is used by people who want the assurance they are getting a high level of security. The attack vehicle was a carefully crafted email featuring a digital signature to appear very trustworthy. Attackers utilized Italy’s Certified Electronic Email which legally is like a registered letter, to deliver invoices hiding spam. And it worked. This parallels the similar rise in Dridex in Switzerland reported mid February, again leveraging trusted email providers. As we know, phishing works. “Trust” works. Put the two together … …Attacks were predominantly in Europe, the staging ground for Russian cybercriminals before they launch their malware on America.  Attacks are now heavy in the Netherlands, and have landed on American shores as confirmed by Microsoft’s Malware Protection Center.

Sources: https://www.scmagazine.com/cryptolocker-bursts-onto-scene-again-targeting-europe-and-us/article/641731/

https://www.bleepingcomputer.com/news/security/crypt0l0cker-ransomware-is-back-with-campaigns-targeting-europe/

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s