Saturday, October 4, 2014

Signed CryptoWall Delivered via Malvertising Campaign on Top-Ranked Websites

Five prominent websites have been found to redirect visitors to malicious locations through the advertisements they displayed, delivering a variant of the CryptoWall ransomware to the victims' computers. One of the interesting aspects is that the variant of the malware discovered by security researchers was apparently signed a few hours before the campaign was launched, with a valid digital certificate from DigiCert, which makes it more difficult to detect on the affected system. The malicious advertisements were inserted via the Zedo ad network on the following websites: hindustantimes[.]com, bollywoodhungama[.]com, one[.]co[.]il, codingforums[.]com and mawdoo3[.]com. Barracuda Labs spotted the malvertising campaign on Sunday evening, and at the time of discovery the malware sample was not detected by any of the antivirus engines available on Google's VirusTotal free scanning service.


However, at this moment at least 12 out of the 55 security solutions available are able to spot the threat for what it really is. "Upon successful compromise, an instance of CryptoWall ransomware is installed on the victim's system. The particular instance delivered via tonight's campaign has a valid digital signature and appears to have been signed just hours before its distribution", says Paul Royal from Barracuda Labs. CryptoWall has been designed to encrypt specific files on the compromised system and hold them hostage until their owner pays a ransom. The malware relies on public-key cryptography to lock up the data. Unless the encryption key is known, rescuing the files is impossible; restoring the information from a backup is the only reliable recovery method. In order to discourage such malicious activity, security researchers advise against paying the ransom and strongly recommend that users make backup copies of their most important files.




Info Source:

https://www.virustotal.com/en/file/048321a1ea3a7c04a3dceac523ccfd7f61561049535f7d4c3776a3a9d1fa3510/analysis