A new strain of Ransomware has hit a large number of high profile targets across the world.
Organization in Russia, Ukraine, Germany, Turkey, Poland and South Korea has all reported infections. At this time we are starting to see infections in the United States.
What we do know is that its definitely ransomware. It swiftly infects the computer and encrypts access to files on the system. Once decryption is complete it holds the files for ransom. Payment options are advertised over the Tor network and payment is made via Bitcoin. There is a countdown timer which advertises a price increase if payment is not made within 40 hours.
Initial attack vector is through a fake flash download from a compromised website. Once on the computer it can move laterally through the network to infect other computer and network resources.
There has been a publicly released vaccine to prevent the spread of this malicious malware. If you are a residential maintenance customer, or a commercial maintenance customer of Cowabunga! Computers, this vaccine has already been applied to your network and computers.
Webroot, the antivirus vendor of choice for Cowabunga! Computers has also made a public statement on the malware which can be viewed at the following video.
We hope that you found this security update valuable as we strive to keep everyone informed on the latest industry news.