A new malware cocktail steals passwords before they are encrypted by Windows.
A number of sites that have been compromised redirect their visitors to websites that contain the infamous Angler exploit kit, which helps them hackers carry out drive-by attacks relatively easily.
This kind of her attackς είναι ιδιαίτερα ύπουλο, δεδομένου ότι μπορεί να γίνει αυτόματα και χωρίς να το γνωρίζει ο χρήστης. Μόλις το Angler exploit kit βρίσκει μια ευάλωτη εφαρμογή, όπως το Flash, σερβίρει αυτόματα το malware που απαιτείται.
According to a publication by Heimdal Security, a widely used software that steals data known as Pony "systematically collects all used usernames and passwords from the infected system" and sends them to servers controlled by hackers.
This allows malicious users to access websites, e-commerce sites, and even corporate applications from which they could steal extra data.
Right after the Angler exploit kit, it serves the widely used CryptoWall 4 ransomware, which locks all the victim's files until the ransom is paid. ransom requested by malicious users.
This particular ransomware is served to thousands of users every weekteam, and nets fraudsters $18 million in profits, according to FBI estimates. Other figures show the Cryptowall family has to date yielded $325 million in Bitcoins to those who serve it.
One of the best ways to mitigate the attack is to keep all applications up to date. You should also frequently back up your files to an external hard drive.
Meanwhile, BitDefender has released a "vaccine" that can prevent Cryptowall ransomware infections and is available for free.
Bitdefender CryptoWall Vaccine