New GandCrab Variants, Varied Payloads Delivered Via Spam Campaign
Security researchers found an ongoing spam campaign that aims to infect as many systems as possible by using multiple configurations and infection payloads simultaneously. New variants of GandCrab ransomware have successfully infected a large number of servers in India, Chile, Peru, the United States, and the Philippines since its discovery in January 2018. With varying infection methods, spam mail attacks have surged in the past couple of days through exploit kits.
The malware leaves a ransom note with a link leading its victims to a site that requires a Tor browser to access. Victims are instructed to pay $400 in Dash (a cryptocurrency considered more difficult to trace and easier to process) for the decryption key. The attackers double the ransom when it's not paid within the stated period.
Ransomware threats and cybercriminals are getting more creative when it comes to profiting from their victims. Trend Micro recommends that affected victims avoid paying the ransom as there is no assurance that the files will be recovered.
Users can easily detect and prevent GandCrab with the right protection systems in place. Here are a few recommendations to protect your businesses and personal information from these types of threats:
- Regularly back up important data and media files. Practice the 3-2-1 system.
- Regularly download software updates to patch potential vulnerabilities that can be exploited
- Implement network segmentation and data categorization for layered protection and limit the amount of data accessible to employees
Enterprises can be protected on all fronts, from the gateway to the endpoint user. Trend Micro XGen™ security software ensures a full range of protection through cross-generational defense techniques to secure your business from known, unseen and unknown threats. Protect your business data and applications unobtrusively, and get ahead of threats 24/7 with Hybrid Cloud Security, User Protection, and Network Defense.