February 25, 2016
Locky and TeslaCrypt Among Latest Ransomware Threats
If it seems like there’s a new ransomware threat popping up every week, it’s not just you. Threats have been constantly making headlines, and you can’t escape the stories about CryptoLocker, ransomware or cybersecurity.
Yet again, there are some new major threats out there in the form of ransomware. One of the newest threats is known as Locky. While Forbes reports it isn’t necessarily any more sophisticated than other variations of CryptoLocker, it’s the spread rate we are concerned with. The virus infected an estimated 90,000 per day in the first week of detection
Locky is spread through spam email and encrypts files on a victim’s’ computers with a ransom demand anywhere from half to one Bitcoin, or between £157 - £315 according to Symantec. The emails are typically disguised as an invoice with the subject line “ATTN: Invoice J-[RANDOM NUMBERS]”. According to Symantec, 5 million emails associated with these campaigns were blocked by their anti-spam technology.
Unfortunately, Locky isn’t the only ransomware making headlines. Content management systems aren’t safe either. Wordpress and Joomla domains are being attacked by a ransomware known as TeslaCrypt. This campaign uses admedia to exploit files hosted on websites in these major domains. The exploit leads to installation of multiple backdoor vulnerabilities as well as malicious domains generated on these sites sent unwittingly to visitors, according to ZDNet.
As in numerous instances, it pays to have a business continuity and disaster recovery solution you can count on. With a business continuity solution, you can restore critical business data to a point in time before corruption occurred and avoid paying a hefty ransom.
For even more tips on how you can protect your business through an effective BCDR solution, check out our tips in the 4 Business Continuity Planning Essentials.