Page 77 - Cyber Defense eMagazine - December 2017
P. 77
files instead of making them inaccessible through encryption. This means that there is
absolutely no way to get the hostage data back.
Nov. 7, 2017. Another ransom Trojan is discovered that exploits Microsoft Word macros
to contaminate computers. It’s called Sigma. The payload arrives with a booby-trapped
email attachment. Sigma appends every encrypted file with a random extension
composed of four alphanumeric characters and drops a rescue note named ReadMe.txt.
The ransom amounts to a Bitcoin equivalent of $1,000.
Nov. 4, 2017. Security experts unearth some details about a new high-profile
ransomware species called GIBON. It turns out to have been circulating in the
cybercriminal underground since May this year. It’s not until early November, though,
that the pest started making the rounds via massive spam campaigns. It provides data
recovery steps in a file named Read_Me_Now.txt. Shortly after the breakout,
MalwareHunterTeam’s leader Michael Gillespie was able to create a free decryption
toolfor the infection.
Nov. 3, 2017. It’s amazing how a single email attachment can get a whole city’s
payment infrastructure paralyzed. That’s what happened to Spring Hill, Tennessee. One
of the employees opened a toxic file received via spam, thus unknowingly allowing a
ransomware contagion to take root. The perpetrating code badly affected Spring Hill’s
computer servers, effectively knocking down the online payment processing systems.
The adversaries demand $250,000 worth of Bitcoin for data decryption.
Nov. 2, 2017. Magniber, a ransomware sample spreading via the Magnitude exploit
kit, hit the headlines in mid-October as it resembled the abominable Cerber infection in
many ways. Based on clues in its code, security analysts concluded it was a new variant
of this year’s most widespread ransomware program mentioned above. Several weeks
77 Cyber Defense eMagazine – December 2017 Edition
Copyright © 2017, Cyber Defense Magazine, All rights reserved worldwide.
