Saturday 21 March 2015

Ransomware Steals For The First Time Passwords


Researchers have for the first time discovered a ransomware variant installs simultaneously spyware to steal all kinds of passwords from the system. According to the Japanese anti-virus company Trend Micro is the first time that ransomware is bundled with spyware. However, the infection method of "CryptoWall 3.0" is equivalent to previous versions and other crypto ransomware.

Users receive an e-mail with a zip annex, which would contain a so-called CV. In reality it is a Javascript file. Once the user opens this file are downloaded two "JPG files." However, the extension is only intended to circumvent security systems.Once the files are downloaded performed by JavaScript. It is a variant of CryptoWall and Fareit spyware. CryptoWall encrypts all kinds of data on the computer and then asks for a sum of 500 euros to decrypt it.

Is not paid on time, then the user must pay 1,000 euros. While the user is thus inferred Fare it steal all types of passwords from FTP programs, browsers, email clients and bitcoin wallets says analyst Anthony Joe Melgarejo. He argues that there are several reasons why the spyware is bundled with ransomware, perhaps because people refuse to pay the ransom and thereby steal passwords is a backup plan. "

Even if the user refuses to pay would be the cyber criminals, for example via the passwords of the bitcoin wallets, still can steal money. To infections with these and other species to prevent ransomware, users advised to not open attachments from unknown senders. "In fact, they should ignore or delete e-mail from unknown senders," says Melgarejo.

No comments:

Post a Comment