CryptoWall's dominance among ransomware with file encryption capabilities continues as new email campaigns are flung against users, some of them recording thousands of infections per day.
In a fresh drive-by download campaign spotted by researchers at Heimdal Security, the delivery mechanism for the crypto-malware involves the RIG exploit kit, tens of compromised websites, and Google’s cloud storage service.
Both companies and individuals are targeted by CryptoWall
Morten Kjaersgaard, Heimdal’s CEO, says that the number and scale of attacks with file-encrypting ransomware have grown at an alarming rate in the past months.
CryptoWall, which officially caused losses of $18 / €16 million in about a year, is the worst of them, being distributed through multiple exploit kits, Angler, Magnitude and RIG being the most notorious.
“Attacks are increasingly sophisticated and the periods between campaigns are shorter every time. To top that off, the number of infections in both companies and among individual users is increasing,” Kjaersgaard said.
In the current campaign, users with outdated versions of Flash Player, Java, Adobe Reader and Internet Explorer are likely to become victims because RIG leverages exploits for vulnerabilities in these programs.
After the user lands on a compromised website, a series of redirections follows until the final payload, CryptoWall, is delivered.
Read more: http://news.softpedia.com/news/cryp...rig-exploit-kit-and-google-drive-485908.shtml