

Beware 'Irreversible Malware,' Increased Attacks On Apple OS X

By Ken Presti
December 04, 2012    9:00 AM ET


Cybercriminals using ransomware to extort money from computer users have raised their game by adding highly complex encryption to the methods they use to lock down their victims' data.

According to the Sophos Security Threat Report 2013, the criminals have begun using public key infrastructure (PKI)-grade encryption that is often beyond the reach of security companies, which previously had little difficulty cracking the codes and integrating those solutions into tools.

"Within the last couple of months, we've seen more advanced versions of encryption with which we simply cannot just build a tool to get those files back," said Richard Wang, manager of SophosLabs. "This moves the emphasis towards recovering that data through backup and recovery, rather than through breaking the encryption. You could pay the ransom, but there's no guarantee that you'll get your data back, even if you do."


Dubbed "irreversible malware" by Sophos, the exploits are typically delivered using standard drive-by techniques, leveraging toolkits like Black Hole.

Meanwhile, the purveyors of Black Hole may be getting much more marketing savvy. Wang says Version Two of their exploit kit is already deployed. It features fewer exploits than the original version and is more focused on well-known attacks that have a wide reputation for success. Premium packages are apparently being developed to support zero-day attacks and similar exploits that can command higher revenues. "I would expect to see things like newly announced vulnerabilities would likely be offered as part of a premium package," said Wang. "And then those things can go to the standard kit later, after they become more widespread."

Wang added that Sophos sees evidence of the Black Hole toolkit in roughly 27 percent of the exploited sites that it encounters on a day-to-day basis.

Users can also rent services from various organizations through which they can specify which malware they want to deliver and commission paid professionals to handle the technical functions.

"They've made it very easy for people with minimal technical skills ... to get malware distributed for cash," he said.
