Zen Managed Services

Cybercriminals are now stealing off each other


    By russmichaels | Uncategorized | 0 comment | 16 March, 2017 | 0

    The cost of ransomware attacks: $1 billion this year

    And it’s only the beginning, with file-locking malware only set to grow and take a larger role in cybercrime, warn researchers.

    Contact ZenMSP today to get protection from ransomware.

    Ransomware is already one of the easiest forms of online extortion for hackers to carry out, but one cybercriminal group has come up with a new way to make as much money as possible with the least effort: by stealing ransomware code from others, according to researchers.

    The Petya ransomware family is particularly vicious, not only encrypting the victims’ files using one of the most advanced cryptographic algorithms, but also encrypting the entire hard drive by overwriting the master boot record, preventing the computer from loading the operating system.

    Like other forms of ransomware, Petya extorts a Bitcoin ransom from the victim in exchange for decrypting the system.

    Petya was one of the first types of ransomware to gain major success by spreading itself via a ransomware-as-a-service scheme, in which the creators offered their product to users on demand, in exchange for a cut of the profits. In an effort to ensure their creation wasn’t exploited by others, Petya was equipped with measures to prevent the unauthorised use of samples.

    However, the authors of a new form of malware dubbed PetrWrap have managed to crack the Petya code and are using it to perform ransomware attacks, apparently without paying the creators of Petya, according to researchers at security company Kaspersky Lab.

    It said the PetrWrap Trojan has been active since February this year and uses its own cryptographic keys to lock victims’ files, rather than using those which come with the ‘stock’ version of Petya — and waits for an hour and a half after the initial compromise before striking.

    [Image: PetrWrap ransom note. Image credit: Kaspersky Lab]

    Currently, it’s unknown who the group distributing PetrWrap is or how it’s being distributed. However, the very fact it exists appears to demonstrate competition and rivalries in the cybercriminal underground, with the potential that gangs will get distracted by fighting for dominance.

    “We are now seeing that threat actors are starting to devour each other. From our perspective, this is a sign of growing competition between ransomware gangs,” says Anton Ivanov, senior security researcher at Kaspersky Lab.

    “Theoretically, this is good, because the more time criminal actors spend on fighting and fooling each other, the less organised they will be, and the less effective their malicious campaigns will be.”

    However, that doesn’t mean organisations should take their eye off the ball when it comes to protecting against ransomware.

    “We urge organisations to pay as much attention as possible to the protection of their networks from this kind of threat, because the consequences can be really disastrous,” Ivanov added.

    Indeed, getting infected with PetrWrap could be very dangerous for a company because the cryptography of this ransomware is so strong that there currently are no decryption tools available.
