http://arstechnica.com/security/2014/09/ransomware-going-strong-despite-takedown-of-gameover-zeus/
By Robert Lemos
Ars Technica
Sept 7 2014
In late May, an international law enforcement effort disrupted the
Gameover Zeus (GoZ) botnet, a network of compromised computers used for
banking fraud.
The operation also hobbled a secondary, but equally important
cyber-criminal operation: the Cryptolocker ransomware campaign, which used
a program distributed by the GoZ botnet to encrypt victims' sensitive
files, holding them hostage until the victim paid a fee, typically
hundreds of dollars. The crackdown, and the subsequent discovery by
security firms of the digital keys needed to decrypt affected data,
effectively eliminated the threat from Cryptolocker.
Yet, ransomware is not dead, two recent analyses have found. Within a week
of the takedown of Gameover Zeus and Cryptolocker, a surge of spam with
links to a Cryptolocker copycat, known as Cryptowall, resulted in a jump
in ransomware infections, states a report released last week by
security-services firm Dell Secureworks. Cryptowall first appeared in
November 2013, and spread slowly, but the group behind the program were
ready to take advantage of the vacuum left by the downfall of its
predecessor.
Being prepared paid off: In six months, the Cryptowall group infected
nearly 625,000 systems, and even though only 0.27% of victims paid, the
group still made $1.1 million, according to data from a
command-and-control server discovered by Dell Secureworks. Ransomware is
here to stay, the company concluded.
[...]
--
Evident.io - Continuous Cloud Security for AWS.
Identify and mitigate risks in 5 minutes or less.
Sign up for a free trial @ https://evident.io/
