ESET Reports Major Increase of Dangerous Filecoders - Trojans Extorting Ransom

ESET HQ Malware Research Lab is reporting an unusual spike in the activity of Filecoder malware - trojans that encrypt user files and try to extort a ransom from the victim in exchange for decryption software. ESET LiveGrid® technology - the company’s cloud-based malware collection system - has shown the weekly number of Win32/Filecoder detections rising by over 200% since July 2013, compared with the average numbers in January - June 2013.

A significant share of detections (44%) is from Russia, but a significant share is also reported in southern Europe (Italy, Spain), Central and Eastern Europe (Germany, Czech Republic, Poland, Romania and Ukraine), and the United States.

To infect the computer, cybercriminals use various infiltration methods: drive-by downloads from malware-laden websites, e-mail attachments, installation through another Trojan or backdoor, or even manual installation by the attacker.

“The Win32/Filecoder malware family is more dangerous than other types of so-called ransomware as they usually encrypt pictures, documents, music and archives. A wide range of techniques and levels of sophistication has been seen in different variants over time,” says Róbert Lipovský, ESET Malware Researcher.

“It can be very expensive. Malware samples in this malware category usually request sums around 100 – 200€, however some have been seen extorting up to 3000€. The high amount is consistent with the fact that the attackers usually target businesses that can usually afford to pay higher ransoms than individuals,” he adds.

One recent variant puts the victims under pressure by displaying a countdown timer indicating that the encryption key will be permanently deleted, making the recovery of the encrypted files nearly impossible.

ESET advises Internet surfers to stay protected with regularly updated antivirus software (ESET products detect these dangerous files). It is also a good idea to password-protect the anti-malware software's settings to prevent them from being altered by an attacker, and to back up regularly.

For a more detailed analysis of this malware, see the blog post on WeLiveSecurity.com - ESET’s news platform for the latest information and analyses on cyber threats and useful security tips.


 


About ESET
ESET, the pioneer of proactive protection and the maker of the award-winning NOD32 technology which is celebrating its 25th anniversary in 2012, is a global provider of security solutions for businesses and consumers. The Company continues to lead the industry in proactive threat detection. ESET NOD32 Antivirus holds the world record for the number of Virus Bulletin “VB100” Awards, and has never missed a single “In-the-Wild” worm or virus since the inception of testing in 1998. ESET has been selected as one of the most innovative companies in Europe for the 2011 HSBC European Business Awards and holds a number of accolades from AV-Comparatives, AV Test and other organizations. ESET NOD32 Antivirus, ESET Smart Security and ESET Cyber Security for Mac are trusted by millions of global users and are among the most recommended security solutions in the world.

The Company has global headquarters in Bratislava (Slovakia), with regional distribution centers in San Diego (U.S.), Buenos Aires (Argentina), and Singapore; with offices in Sao Paulo (Brazil) and Prague (Czech Republic). ESET has malware research centers in Bratislava, San Diego, Buenos Aires, Singapore, Prague, Košice (Slovakia), Cracow (Poland), Montreal (Canada), Moscow (Russia), and an extensive partner network for 180 countries. For more information, visit our local office at http://www.eset.com.cn.




About Version 2 Limited
Version 2 Limited is one of the most dynamic IT companies in Asia. Headquartered in Hong Kong, the Company develops and distributes IT products for Internet and IP-based networks, including communication systems, Internet software, security, network, and media products. Through an extensive network of channels, point of sales, resellers, and partnership companies, Version 2 Limited offers quality products and services which are highly acclaimed in the market. Its customers cover a wide spectrum which includes Global 1000 enterprises, regional listed companies, public utilities, Government, a vast number of successful SMEs, and consumers in various Asian cities.

Version 2 Singapore Pte Ltd is the local office of Version 2 Limited.

For more information, please visit http://www.eset.com.cn or call (86) 0755 8301 5850.