Slashdot Mirror

← Back to Stories (view on slashdot.org)

'Alarming' Rise In Ransomware Tracked (bbc.com)

Posted by BeauHD on from the return-on-investment dept.

An anonymous reader quotes a report from BBC: Cyber-thieves are adopting ransomware in "alarming" numbers, say security researchers. There are now more than 120 separate families of ransomware, said experts studying the malicious software. Other researchers have seen a 3,500% increase in the criminal use of net infrastructure that helps run ransomware campaigns. The rise is driven by the money thieves make with ransomware and the increase in kits that help them snare victims. Ransomware was easy to use, low risk and offered a high reward, said Bart Parys, a security researcher who helps to maintain a list of the growing numbers of types of this kind of malware. Mr Parys and his colleagues have now logged 124 separate variants of ransomware. Some virulent strains, such as Locky and Cryptolocker, were controlled by individual gangs, he said, but others were being used by people buying the service from an underground market. A separate indicator of the growth of ransomware came from the amount of net infrastructure that gangs behind the malware had been seen using. The numbers of web domains used to host the information and payment systems had grown 35-fold, said Infoblox in its annual report which monitors these chunks of the net's infrastructure. A lot of ransomware reached victims via spear-phishing campaigns or booby-trapped adverts, he said, but other gangs used specialized "crypters" and "packers" that made files look benign. Others relied on inserting malware into working memory so it never reached the parts of a computer on which most security software keeps an eye. Ars Technica reports that drive-by attacks that install the TeslaCrypt crypto ransomware are now able to bypass Microsoft's EMET.

11 of 48 comments (clear)

  1. Being alarmed is good by Hentes · · Score: 4, Interesting

    Once you're hacked the bad guys can do a lot of nasty things to you and your data, shaking you for a few bitcoins if you don't have backups is pretty much the cheapest way you can find out about having a security hole. Data theft, APTs or even remote sabotage by a state agent can cause a lot more harm than ransomware, often without you even noticing. The spread of ransomware is actually very good for security, because it brings hidden vulnerabilities to light and associates an exact cost to them rather than for example the nebulous cost of losing sensitive data of costumers. Thus, ransomware alerts companies to vulnerabilities and bad backup practices, provides a financial incentive to fix those problems, all the while causing much less harm than the lack of those fixes would. Ransomware is doing more for security than a thousand conferences could.

    1. Re:Being alarmed is good by Anonymous Coward · · Score: 4, Funny

      ...rather than for example the nebulous cost of losing sensitive data of costumers.

      This leaves me with the question of why costumers in particular hold all this sensitive data. Is it because they know the actual sizes of the models they make costumes for?

    2. Re:Being alarmed is good by houstonbofh · · Score: 3, Informative

      This is not a Windows thing. It is tricking someone into running a bit of software that with that users access only can lock all your data. If written for *nix, it would work on *nix.

    3. Re:Being alarmed is good by mspohr · · Score: 2

      Years of Windows vulnerabilities have not convinced Microsoft to switch to a more secure foundation (backwards compatibility would be a big problem).
      Customers (sheeple) don't seem to mind the problems. Those that do have already switched.
      I used to work for a large international organization which ran Windows. We did a lot of traveling to places with dodgy Windows infrastructure. My colleagues would always get infected (usually by USB). I installed Linux on my travel laptop and never had a problem. The HQ (Switzerland) also had a constant problem with various malware infections and attacks. It was a constant battle (and they were losing). It didn't help that there was a lot of politically sensitive data on the network which was a ripe target.
      If you're using Windows, you're a sitting duck and you only have yourself to blame.

      --
      I don't read your sig. Why are you reading mine?
  2. From TFA by Rik+Sweeney · · Score: 5, Insightful

    A lot of ransomware reached victims via spear-phishing campaigns or booby-trapped adverts

    And this is why people use ad blockers.

    --
    Summation 2
  3. Are the ad companies responsible? by TheCastro1689 · · Score: 2

    If ads are where the viruses is, who can we hold responsible for them? The website hosting the ads, the company supplying the ads to the website, or are they hacked ads?

    1. Re:Are the ad companies responsible? by Ol+Olsoc · · Score: 2

      If ads are where the viruses is, who can we hold responsible for them? The website hosting the ads, the company supplying the ads to the website, or are they hacked ads?

      I think the partial solution to this issue is for websites that depend on advertisements to band together and place demands upon the ad suppliers to vet the ads for suitability. Hacking ads can still happen, but they will be found quickly. Not a perfect solution - there is none - but as adblocking leaves the avoiding inconvenience arena to the full blown protect your system's ass critical need, we are reaching a tipping point.

      --
      The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
    2. Re:Are the ad companies responsible? by swb · · Score: 4, Insightful

      How about ads being forced to be static images or text only, with no fucking Javascript, flash or any other programmatic content? The ads are less annoying and the opportunity for useful malware payload gets closer to zero.

      Since those kinds of ads won't go away completely, the sites or the advertisers themselves can create them which will greatly reduce the opportunity for anonymous content injection into ad networks.

      Sure, it's less efficient for advertising, but its a hell of a lot safer. I hate to think that the reason ads are so insecure is so that the advertising industry is more efficient. It's like their single digit percentage increase in profit is being paid for by huge security costs everywhere.

    3. Re:Are the ad companies responsible? by The-Ixian · · Score: 2

      Something tells me that the cat is out of the bag on adblocking.

      Even if advertisers tone things down, people will likely still block ads because they can.

      Right now, we have good justification for blocking ads. But even if things change and advertisers go back to text or static images, people will find some other justification for running their ad blockers.

      --
      My eyes reflect the stars and a smile lights up my face.
    4. Re:Are the ad companies responsible? by Ol+Olsoc · · Score: 2

      I think the partial solution to this issue is for websites that depend on advertisements to band together and place demands upon the ad suppliers to vet the ads for suitability.

      That is not happening; why would it?

      Because this isn't two years ago. While I've used ad and script blocking for years, it has escaped form us geeks, and now even Grandma uses it. I've installed adblockers on many computers that were brought to me by Grandmas and others. THe computers were brought in because they were slow, and "there must be something wrong." Yup, clogged by advertising and scripts. Old Ol sped them right up. Only negative is sites like Forbes won't let you in. Or is that a positive? Websites have no reason to do what you're talking about.

      And yet, we've been seeing a lot of whining about adblockers, and some sites like Forbes, demand you turn them off to gain access. Then promptly serve you up some malware if yu are foolish enough to do that in order to see their content. Sorry, I nave no conceivable need for Forbes and their ilk.

      It's no skin off my butt, as a webmaster, if you run malware. Not only am I not going to be held responsible

      I do believe that you are not responsible. Not at all.

      --
      The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.
  4. Re:backups backups backups by Ol+Olsoc · · Score: 2

    but it isn't like computers don't give you both ample means of almost perfectly protecting yourself, and ample means of recovering after the fact even if you failed to do that.

    If you don't avail yourself of either, maybe it's about time you learned. People don't learn by being shielded from the consequences of their choices. The world does contain bad people, and always will, and what you should do is protect yourself rather than holding the unrealistic expectation that nobody will ever try to do anything bad to you.

    I don't know the answer to the backups dilemma. About the only justification for the cloud I've seen is the ability to backup - although I trust my backup system more.

    But the idea that the internet has to be a Game of Thrones type neighborhood is a little over the top. This is yet another example of the critical need for ad blocking, and script blocking. And if the mainstream sites don't do something about serving up ransomware and other problems with their ads, they'll just have to forgive me if I don't invite the Visigoths at the gates in.

    --
    The shepherds did so well protecting the flock that the sheep no longer believed that wolves existed.