KnowBe4 Issues CryptoDefense Warning: Ransomware is Worse than CryptoLocker

“It is obvious that this is a social engineering ploy and that effective security awareness training will prevent someone from opening these infected attachments when they make it through the filters.” — Stu Sjouwerman, CEO of KnowBe4
KnowBe4 alerts computer users of new ransomware, how to avoid infection and how to avoid being caught up in a cyber-gang war.

Tampa Bay, FL. April 3, 2014 - KnowBe4 CEO Stu Sjouwerman issued an alert today warning computer users of a new but very nasty ransomware named CryptoDefense. A copycat competitor to CryptoLocker, CryptoDefense was released in late February, 2014 and is much worse than the original. The ransomware targets text, picture, video, PDF and MS Office files and encrypts these with a strong RSA-2048 key which is hard to undo. It also wipes out Shadow Copies which are used by many backup programs.

The potential for damage is vast, generating tens of thousands per month, according to reports from Symantec. If an end-user opens the infected attachment, the ransomware encrypts its target files, and the criminals charge $500 in Bitcoin to decrypt the files. If their four-day deadline passes by, the amount goes up to $1,000. After a month, the keys are destroyed.

“There is furious competition between cybergangs,” said Sjouwerman (pronounced ‘shower-man’). “They did their test-marketing in countries like the UK, Canada and Australia and are now targeting the US.” Sjouwerman further stated, “CryptoDefense doesn’t seem to be a derivative of CryptoLocker as the code is completely different, confirming this is a competing criminal gang.”

It appears that this infection was initially installed through programs that pretend to be Flash updates or video players required to view an online video. It then moved on to a variety of phishing attacks that show an email with a zip file and a direction to “open the attached document” that was supposed to have been “scanned and sent to you”.

According to Sjouwerman, “It is obvious that this is a social engineering ploy and that effective security awareness training will prevent someone from opening these infected attachments when they make it through the filters (which they regularly do). Training your end-users to prevent fires like this is a must these days. Once infected, the only way to fix this relatively fast is to make sure you have a recent backup of the files which actually can be restored. Even then, it can take several hours to restore the data.”

Recent ransomware infections involved users opening an attachment with a “voice mail message” from AT&T, but there are variants from other telco companies. Users then admit to opening the attachment but say it did nothing; however, they could not open their files afterward.

This new CryptoDefense ransomware has bugs too, and Symantec researchers stated: “Due to the attackers poor implementation of the cryptographic functionality they have, quite literally, left their hostages a key to escape”. But by the time you read this, that bug has probably (and unfortunately) been fixed.

About Stu Sjouwerman and KnowBe4:

Stu Sjouwerman is the founder and CEO of KnowBe4, LLC, which provides web-based Security Awareness Training to small and medium-sized enterprises. A data security expert with more than 30 years in the IT industry, Sjouwerman was the co-founder of Inc. 500 company Sunbelt Software, an award-winning anti-malware software company that he and his partner sold to GFI Software in 2010. Realizing that the human element of security was being seriously neglected, Sjouwerman decided to help entrepreneurs tackle cybercrime tactics through advanced security awareness training. KnowBe4 services hundreds of customers in a variety of industries, including highly-regulated fields such as healthcare, finance and insurance and is experiencing explosive growth with a surge of 427% in 2013 alone. Sjouwerman is the author of four books, with his latest being Cyberheist: The Biggest Financial Threat Facing American Businesses Since the Meltdown of 2008.

To learn more visit www.knowbe4.com

To prevent being “ransomwared” go to Don’t Get Hit with Ransomware

Media Contact
Company Name: KnowBe4
Contact Person: Kathy Wattman
Phone: 7274749950
Address: 601 Cleveland Suite 230
City: Clearwater
State: Florida
Country: United States
Website: www.knowbe4.com

Source: www.abnewswire.com

ReleaseID: 10154
