ALERT:
2nd Generation Ransomware
There is a second-generation type of ransomware called CTB-Locker (Curve-Tor-Bitcoin) being described as the potential successor to CryptoLocker.
Because of the way it is run, this second generation of ransomware is much harder to shut down, or intercept. This new generation of ransomware uses the anonymous TOR network for it’s command & control servers, making it harder to shut down. Traffic between the malware that lives on the infected machine and its c&c servers is much harder to intercept.
The way the files are encrypted on this new generation, it is also a lot harder to retrieve the files yourself. First the infection on the computer will compress the files before encrypting them. Then, because CBT-Locker encrypts files using little-used and super strong Elliptic Curve Diffie-Hellman cryptography, it makes decrypting the machine yourself impossible.
The worst part of this new generation of ransomware is that because it was built as commercial crimeware, it can be sold globally to other cybercriminals. The Bitcoin ransom can be specified, as can the extensions of the files to be encrypted.
More than ever, it is important to be aware of what you are clicking on, or opening,
as well as have a good backup solution, just in case of infection.
If you would like more information on how you can protect your business from being infected, or how you can prevent the damage to your files, (204) 800-3166 or email helpdesk@tbyd.ca.
You can’t stop CyberCriminals from targeting your company or employees.
But you can be prepared for their arrival, and have full shields up.
Leave a Reply