Ransomware attacks are not only proliferating, they’re becoming more sophisticated.
Several years ago, ransomware was normally delivered through spam e-mails, but because e-mail systems got better at filtering out spam, cyber criminals turned to spear phishing e-mails targeting specific individuals. See here how these e-mails may look like!
In newly identified instances of ransomware, some cyber criminals aren’t using e-mails at all. According to FBI Cyber Division Assistant Director James Trainor, “These criminals have evolved over time and now bypass the need for an individual to click on a link. They do this by seeding legitimate websites with malicious code, taking advantage of unpatched software on end-user computers.”
Our attacks against mobile phones are signaling pretty alarming. By stemming communication, which a lot of solutions have been popping up, you think you would be able to stop communication with command and control (C&C) center and block the key exchange.
LaChiffre doesn’t need Internet access to encrypt your files. Having a solution in place that blocks communication would not do much if you’d incur the LeChiffre malware. Your files would still be encrypted. No need for internet access to encrypt the files in that instance.
This variant of ransomware affects OS X clients and again requires cryptocurrency to a detour gateway to be able to decrypt your files.
It’s a rewrite of an older known encoder virus, which was able to bypass gatekeeper and the samples analysed because they had a signed valid Apple certificate that was signed to a developer in Turkey.
Please contact us if you would like to receive more information about this type of malware and if you have other questions about your technology.