Petronella Blog Archive

European Cybergang Spreads Ransomware

People are finally beginning to recognize ransomware as the threat that it is. Unfortunately, it took the Eastern European organized cybercrime gang Dridex getting in on the action before that happened. Dridex has been accused of stealing upwards of $100 million worldwide and has the potential to steal a great deal more.

Both Palo Alto Networks and Proofpoint have linked Dridex to a new strain of ransomware known as Locky. This particular malware isn’t much different from other ransomware, such as Cryptowall, but Dridex’s vast criminal network is causing it to spread rapidly. Infecting 90,000 systems a day, Locky is spread primarily through phishing emails with Microsoft Word attachments. Once a system is infected, it’s shut down until the owner pays the hackers around $420 to unlock it.

The FBI has stated that ransomware is a growing threat, and with Dridex typically targeting financial institutions, that sector is likely the next to come under attack.

With the Dridex botnet sending out over 4 million infected emails, here are some things you can do to protect yourself:

  • Block any emails with attached .zip files or macros.
  • Disable Adobe Flash, Java, and Silverlight as they are used as a means of attack.
  • Make sure all employees are educated and aware of potential red flags of a ransomware attack.
  • Download the free Ransom Protection Checklist or sign up to receive it by mail.
  • You can also schedule a free 10-minute consultation and Ransomware Security Review.
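
The first recommendation above (block emails with attached .zip files or macros) can be enforced with a content check at the mail gateway. The following sketch is an added example, not part of the original post: the function names, reason labels and sample message are constructed for illustration, and quarantining every legacy binary Office file is an assumed policy, since macros in that format cannot be ruled out without an OLE parser.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

OLE_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")  # legacy .doc/.xls container

def classify_attachment(filename, data):
    """Return a block reason for one attachment, or None if it passes."""
    if zipfile.is_zipfile(io.BytesIO(data)):
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            members = zf.namelist()
        if "[Content_Types].xml" not in members:
            return "zip-archive"  # plain archive, not an Office document
        # Modern Office files are ZIP containers; macros live in vbaProject.bin.
        if any(m.lower().endswith("vbaproject.bin") for m in members):
            return "office-macro"
        return None
    if (filename or "").lower().endswith(".zip"):
        return "zip-archive"  # named .zip but not parseable: block anyway
    if data.startswith(OLE_MAGIC):
        return "legacy-office"  # assumed policy: macros can't be ruled out
    return None

def scan_message(raw):
    """Return (filename, reason) for each attachment that should be blocked."""
    msg = message_from_bytes(raw, policy=policy.default)
    checked = [(p.get_filename(), p.get_payload(decode=True) or b"") for p in msg.iter_attachments()]
    return [(n, r) for n, d in checked if (r := classify_attachment(n, d))]

def make_zip(names):
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for n in names:
            zf.writestr(n, b"")
    return buf.getvalue()

def sample_message():
    """Constructed message (not real mail) with four test attachments."""
    files = {"invoice.docm": make_zip(["[Content_Types].xml", "word/vbaProject.bin"]),
             "report.docx": make_zip(["[Content_Types].xml", "word/document.xml"]),
             "scan.zip": make_zip(["readme.txt"]),
             "old.doc": OLE_MAGIC + b"\x00" * 504}
    msg = EmailMessage()
    msg.set_content("See attached.")
    for name, data in files.items():
        msg.add_attachment(data, maintype="application",
                           subtype="octet-stream", filename=name)
    return msg.as_bytes()
```

The check looks at file content rather than the extension alone, so a macro-enabled document renamed to .docx is still caught, while a macro-free .docx passes even though it is technically a ZIP container.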