The Threats
There has been an influx recently of crypto-ransomware spreading in Australia, similar to the hike of infections that were noted late last year in Europe, The Middle East, and Africa (EMEA). It seems likely upon further inspection that the attackers behind these individual incidents could possibly belong to the same group of cybercriminals – there’s similarity in their IP addresses.
Infected Domains
Analysis shows the family-based pattern, which identified the TorrentLocker malware behind the attacks in Australia, was also identified in outbreaks that took place in Turkey, Italy, and France. TorrentLocker malware has been found to be configured for both Australia and countries in EMEA, and it also features similar payment pages for these countries. If a user isn’t located in a targeted country, it will supply a generic English-language web page and the ransom demand is made in US dollars. The base price in Australia is $598 and comes with a warning that the price will double after four days.
Trend Micro and Smart Protection Network have provided data that shows the top spoofed sites and which countries in EMEA and Australia they were most common in. Typically the sites are related to postal services and government-related websites. With the data obtained, a search was done to related domains accounting for October to December of last year, and found that the sites were accessed an average of 1000 times or less per day. Australia topped the list of the most spoofed domains, while an Italian courier service and Internet provider websites were also among the top accessed domains.
Be Alert, Stay Protected
All of this information indicates that the same group could be active throughout multiple countries, meaning that it’s likely we’re seeing a massive global threat. The best way to stay protected as these attacks of crypto-ransomware continue to spread is to know the threats and stay vigilant. Here’s a few tips:
Ignore suspicious messages and links
Type in website URLs and go directly to the site
Keep anti-virus software and firewalls up-to-date
Stay ahead of evolving security threats
For more information on emerging threats and the best ways to keep your business IT systems and data protected, contact Remote Technology Services at [email protected] or speak to us directly by phone at (800) 478-8105.
Listen To What Our Clients Say:
1293 Professional Drive
Myrtle Beach, SC 29577
(800) 478-8105
(843) 222-6198
Privacy is our policy. We may contact you from time to time with special offers but we will never sell or provide your information to anyone outside of our company.
Call (800) 478-8105 today to schedule your free technology assessment
Remote Tech Services provides IT Support & IT Services for businesses in Wilmington, Sunset Beach, Calabash, Little River, North Myrtle Beach, Myrtle Beach, Florence, Conway, Longs, Georgetown, Charleston and throughout the Grand Strand.