Cyber mobsters based in Eastern Europe – have launched 3 new ransomware scams.–PC Pitstop
3 New Ransomware Scams
By Stu Sjouwerman, for KnowBe4.com Security Awareness Training
Cybercrime has not given up on ransomware just yet. In fact, it’s expanding as different Eastern European mafias are competing with each other for market share in this segment. Here are three campaigns that are active at the moment:
1)Owners of Android devices need to pay attention. IT Security company Check Point alerted about a new Simplocker variant, which locked tens of thousands of Android phones and tablets. Victims are told to pay between 200 and 500 dollars to get access to their files. The infection is relatively easy to prevent, as it’s only spread through unofficial download sites (meaning not Google Play) and mis-identify themselves as “Flash Player”.
In case the user installs the app, they get a spoofed alert purportedly from the NSA that they need to pay a fine within 48 hours. If not paid, the fine doubles. End-users are not able to remove the app easily, and even then the files are encrypted. Check Point’s research showed that around 10% of the users did pay the ransom, which is much higher than other strains.
Conclusion: Warn your users, friends and family to ONLY download apps from the Google Play store, and even those are sometimes malicious so be very careful.
2)MOORE, Oklahoma’s school district was hit with ransomware on their public Windows drive. “Once the virus was located the director of technology shut down every server,” said Dustin Horstkoetter, Moore Public Schools. Many teachers are now forced to redo weeks of lesson plans. Experts say unfortunately this type of malware is becoming more prominent and profitable. “They are not really after to steal your data. They are there to make revenue,” said Mark Gower, Oklahoma’s chief information security officer.
End-users should be stepped through effective security awareness training to prevent infections like this.