It’s Baaack – The Return of CryptoLocker

Posted on by

Since last week I’ve been following some fascinating reports about the return of this ransomware behemoth. There are increasing accounts about the resurgence of CryptoLocker ransomware.  As we have learned with Lazarus Group and Shamoon, just because it’s dormant doesn’t mean it’s dead.

Attacks have been steadily climbing since January. And what is interesting is how attackers are leveraging the Certified Electronic Email in Italy to spread the joy. This service is used by people who want the assurance they are getting a high level of security. The attack vehicle was a carefully crafted email featuring a digital signature to appear very trustworthy. Attackers utilized Italy’s Certified Electronic Email which legally is like a registered letter, to deliver invoices hiding spam. And it worked. This parallels the similar rise in Dridex in Switzerland reported mid February, again leveraging trusted email providers. As we know, phishing works. “Trust” works. Put the two together … …Attacks were predominantly in Europe, the staging ground for Russian cybercriminals before they launch their malware on America.  Attacks are now heavy in the Netherlands, and have landed on American shores as confirmed by Microsoft’s Malware Protection Center.

Sources: https://www.scmagazine.com/cryptolocker-bursts-onto-scene-again-targeting-europe-and-us/article/641731/

https://www.bleepingcomputer.com/news/security/crypt0l0cker-ransomware-is-back-with-campaigns-targeting-europe/

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s