A new "cocktail" of malware steals passwords before they are encrypted by Windows.
A number of hacked sites redirect their visitors to websites που περιέχουν το περιβόητο Angler exploit kit, το οποίο βοηθάει τους hackers να πραγματοποιούν επιθέσεις drive-by σχετικά εύκολα.
This type of attack is particularly insidious, since it can be done automatically and without the user knowing it. Once the Angler exploit kit finds a vulnerable application, like Flash, it automatically serves the malware required.
According to a publication by Heimdal Security, a widely used software that steals data known as Pony "systematically collects all used usernames and passwords from the infected system" and sends them to servers controlled by hackers.
This allows malicious users to access websites, e-commerce sites, and even corporate applications from which they could steal extra data.
Right after the Angler exploit kit, it serves the widely used CryptoWall 4 ransomware, which locks all the victim's files until the ransom demanded by the malicious users is paid.
This ransomware is served to thousands of users each week, and earns 18 $ million worth of crooks, according to FBI estimates. Other data show that the Cryptowall family has so far delivered 325 million dollars to Bitcoin to those who serve it.
One of the best ways to mitigate the attack is to keep all applications up to date. You should also keep frequent backups of files to an external hard drive.
Meanwhile, BitDefender has released a "vaccine" that can prevent Cryptowall ransomware infections and is available for free.
Bitdefender CryptoWall Vaccine