Tag Archive | Malware

Security: CryptoWall 4.0 in the wild

The fourth version of the CryptoWall ransomware has landed in the wild, equipped with better evasion techniques and tactics to thwart antivirus protection and detection.

Ransomware attacks computers and encrypts user files and folders via infected email attachments, with attackers demanding ransom payments to unlock the scrambled documents.

Users are told to make the payment by a specific deadline or risk having the private key to unlock the files deleted.

The active CryptoWall ransomware spawned from CryptoLocker, which is thought to have extorted more than $3 million from victims before the botnet used to distribute it – Gameover Zeus – was taken down last year.


To avoid getting caught by CryptoWall, we recommended keeping systems up to date, maintain regular backups and educating users to  avoidin emails with attachments sent by unknown senders, and using products that can detect and block recent ransomware variants.

Ransomware attacks up 113 Percent in 2014

Beginning in 2013 a new type of Malware was spreading via email: Ransomware.  Even today in 2015 most people are unaware of Ransomware and are unable to take steps against it.

As the name implies, “ransomware” is malware that prevents you from accessing data or information on your computer until you pay a ransom or a specified amount of money.

Just as sophisticated phishing emails appear to be from trusted financial institutions or other respected companies, ransomware can appear to be from legitimate sources such as legal authorities or even government officials. A demand is usually made for a fine to be paid for the “illegal activity” that was supposedly found originating from your computer. The illegal activity claim could be items like copying songs or duplicating videos and violating copyright laws.

The two commonest forms of ransomware will: lock the screen with a full-screen image or Web page to prevent access to the computer; or encrypt files with a password that prevents access to data or information.

The other bad news for those infected with this malware is that paying the ransom does not always return your computer to normal.

Source: Symantec

Cyberattacks & Malware: The Culprit are working with you.

Everyone is aware of Malware and cyberattacks today. The media covers every credit card breach and every security loophole discovered. But the reality for many businesses is that the blame for security breaches lies inside the office. Criminals in faraway countries may design and launch the attacks, but their success is often due more to human error than technology.

While your business can and does implement technology to limit the companies vulnerability to a wide variety of attacks, technology isn’t your only line of defense. Numerous studies indicate that cyberattacks are often successful because company employees let the attackers in.

A 2014 study conducted by IBM found that in 2013, human error was involved at some level in more than 95 percent of security incidents. The most common “mistake” was an employee clicking on a malicious email link that compromised the corporate defenses in some way.

The very best defense today is employee vigilance. We cannot stress enough that each employee with access to company resources be aware of Malware and that you company have an email policy that helps employees determine unsafe emails.

Ebola fears being used in Malware / Phishing

While we have not had any clients reporting emails mentioning Ebola, Symantec is reporting Malware and phishing campaigns reaching customers.  It is only a matter of time until these attacks spread to most mail systems.

Phishing is the attempt to acquire information such as usernames and password by masquerading as a trustworthy entity in an email or popup. Communications purporting to be from popular social web sites, auction sites, banks, online payment processors or IT administrators are commonly used to lure unsuspecting public

Source: Symantec