CryptoWall 3.0 Prompt Delivery via RIG Exploit Kit and Google Drive

Status
Not open for further replies.

Jack

Administrator
Thread author
Jan 24, 2011

CryptoWall's dominance among ransomware with file encryption capabilities continues as new email campaigns are flung against users, some of them recording thousands of infections per day.

In a fresh drive-by download campaign spotted by researchers at Heimdal Security, the delivery mechanism for the crypto-malware involves the RIG exploit kit, tens of compromised websites, and Google’s cloud storage service.

Both companies and individuals are targeted by CryptoWall

Morten Kjaersgaard, Heimdal’s CEO, says that the number and scale of attacks with file-encrypting ransomware have grown to an alarming rate in the past months.

CryptoWall, which officially caused losses of $18 / €16 million in about a year, is the worst of them, being distributed through multiple exploit kits, Angler, Magnitude and RIG being the most notorious.

“Attacks are increasingly sophisticated and the periods between campaigns are shorter every time. To top that off, the numbers of infections in both companies and among individual users is increasing,” Kjaersgaard said.

In the current campaign, users with outdated versions of Flash Player, Java, Adobe Reader and Internet Explorer are likely to become victims because RIG leverages exploits for vulnerabilities in these programs.

After the user lands on a compromised website, a series of redirections follow until the final payload, CryptoWall, is delivered.

Read more: http://news.softpedia.com/news/cryp...rig-exploit-kit-and-google-drive-485908.shtml
 