- Feb 7, 2014
- 1,540
Cry Ransomware Uses UDP, Imgur, Google Maps
Ransomware purporting to come from a phony government agency, something called the Central Security Treatment Organization, has been making the rounds, researchers say.
The ransomware, which is already known by a number of names including Cry, CSTO ransomware, or Central Security Treatment Organization ransomware, uses the User Datagram Protocol (UDP) to communicate and the photo sharing service Imgur and Google Maps to carry out its infections to an extent, as well.
A security researcher who goes under the guise MalwareHunterTeam discovered the malware last Thursday.
Lawrence Abrams, who runs BleepingComputer.com, helped analyze the ransomware alongside MalwareHunterTeam and security researcher Daniel Gallagher. Abrams discussed their collected findings in a blog post Monday night.
The three point out that the ransomware is still being analyzed so many of the details around it are still hazy; that includes how it’s being distributed and whether or not decryption is possible. What is known is that the malware has managed to hit 8,000 victims in almost two weeks so far.
Abrams told Threatpost on Tuesday that when he started to analyze the ransomware with MalwareHunterTeam on Sept. 2 there were roughly 3,200 victims. That figure later ballooned to 6,800 two days later and when he checked on Monday, it had reached 8,000. The ransomware is still being developed too; Abrams claims Gallagher discovered a new sample earlier today.
You can get the rest of the news form here: Cry Ransomware Uses UDP, Imgur, Google Maps
Ransomware purporting to come from a phony government agency, something called the Central Security Treatment Organization, has been making the rounds, researchers say.
The ransomware, which is already known by a number of names including Cry, CSTO ransomware, or Central Security Treatment Organization ransomware, uses the User Datagram Protocol (UDP) to communicate and the photo sharing service Imgur and Google Maps to carry out its infections to an extent, as well.
A security researcher who goes under the guise MalwareHunterTeam discovered the malware last Thursday.
Lawrence Abrams, who runs BleepingComputer.com, helped analyze the ransomware alongside MalwareHunterTeam and security researcher Daniel Gallagher. Abrams discussed their collected findings in a blog post Monday night.
The three point out that the ransomware is still being analyzed so many of the details around it are still hazy; that includes how it’s being distributed and whether or not decryption is possible. What is known is that the malware has managed to hit 8,000 victims in almost two weeks so far.
Abrams told Threatpost on Tuesday that when he started to analyze the ransomware with MalwareHunterTeam on Sept. 2 there were roughly 3,200 victims. That figure later ballooned to 6,800 two days later and when he checked on Monday, it had reached 8,000. The ransomware is still being developed too; Abrams claims Gallagher discovered a new sample earlier today.
You can get the rest of the news form here: Cry Ransomware Uses UDP, Imgur, Google Maps
![[correlate]](/data/avatars/s/79/79653.jpg?1556985072){kind=avatar}
