An average of 1.385 million new, unique phishing sites are created each month, with a high of 2.3 million sites created in May. The data collected by Webroot shows today’s phishing attacks are highly targeted, sophisticated, hard to detect, and difficult for users to avoid. The latest phishing sites employ realistic web pages that are hard to find using web crawlers, and they trick victims into providing personal and business information.
Security researchers have discovered a new ransomware dubbed nRansomware that encrypts a victim’s files and demands nude photographs instead of Bitcoin in exchange for a decryption key. Ransomware is a particularly nasty type of malicious software used to extort money from victims.
These AI-guessed passwords could be used with today’s tools to crack more hashed passwords, and log into more strangers’ accounts on systems, than ever before.
A new Locky ransomware variant that switches to the .ykcol extension for encrypted files was discovered by security researcher Derek Knight, quickly followed by Stormshield malware analyst coldshell. For those who may not have noticed it the first time, ykcol is locky spelled backwards. It is important to note that if you are infected with this ransomware, you are not infected with the Ykcol Ransomware, as some sites may call it. You are instead infected by Locky, which is using the .ykcol extension.
The dangers of Ransomware
Unlike other forms of malware, ransomware hurts more than your files; it also hurts your dignity. Ransomware puts many innocent users in very embarrassing situations. For example, a teenage boy may have been told by his parents not to indulge in pornographic content on his computer. While using his computer, everything is suddenly locked and he encounters the message displayed above. It would be really hard for him to convince his parents that he was not watching it – especially if his parents are not tech savvy.
Danger to Organizations
The obvious danger to an organization is that the files necessary for operations are encrypted, which halts the business. However, while that aspect is important, there are other dangers that cause long-term negative consequences to organizations. In the example of Hollywood Presbyterian Medical Center, the attack became national news, meaning that there was extreme reputational damage to the organization. This damage to reputation can affect the ability to attract talent, as well as reduce customer trust in the organization, resulting in lost potential profits. Post-attack investigations would also be necessary, often at high cost, to ensure that organizational data was not retrieved, altered, or disclosed pre-attack.
While ransomware has been propagating for years, it initially modified only operating-system boot-specific files to present the end user with messages stating that the computer was locked. Infections such as WinLock presented screens to the end user at system boot, often with the appearance of official federal messages stating that the end user had committed a crime and must pay a fine to regain use of their computer (Kirda, 2015). These infections, though frightening to the end user, were categorized as scareware and were often easily cleaned, resulting in no data loss to the system.
As computer speed increased, so did the threat level of ransomware infections. Rather than easily cleaned infections, the additional computer speed allowed for the payload to conduct more operations in a shorter time period. In newer varieties of ransomware, the additional operations include a full encryption of specific file types, with care taken to not encrypt files which would prevent the operating system from properly booting.
In addition to computer speed, technological advances such as the nVidia CUDA technology allow the cores of the Graphics Processing Unit to be used to augment speed on specific tasks, one of which is encryption (Vasiliadis, Polychronakis, and Ioannidis, 2015).