Welcome to ITProPortal’s Thursday Threat Report, where we round up the three greatest security threats facing Internet users, smooth-running enterprise, and occasionally even the survival of the world as we know it. Hold onto your hats – things are about to get scary.
Despite all the Cryptolocker scares, your PC isn’t the only device vulnerable to ransomware. A new threat has been hitting Android handsets over the past week.
Simplocker is a mobile Trojan, and the first piece of file-encrypting ransomware to attack Android devices which security firm ESET spotted. Simplocker attacks the infected device by scanning its SD card for certain files (images, documents, and movies), which it then encrypts to make them unusable. The owner of the device is then presented with a ransom demand message, and must pay up to unlock the encrypted files and gain access to them.
Two weeks and counting…
Law enforcement from around the world came together last week in an impressive sinkholing operation designed to disrupt two of the most troublesome pieces of malware on the planet: Gameover Zeus and Cryptolocker.
But then the UK’s National Cyber Crime Unit put out a perplexing piece of advice: users now have two weeks to protect themselves from these two cyber nasties. So what does that mean? Why two weeks? And what can you do to protect yourself?
Check out our full breakdown of measures you can take to protect yourself before the two weeks are up.
Attack of the Molerats
FireEye researchers have been tracking a group of hackers that targets government organisations, financial institutions and surveillance targets in Europe, the US and the Middle East. Nicknamed Molerats, such attacks have been in business since late 2011.
Molerat attacks have wriggled their way through garden-variety backdoors, such as CyberGate and Bitfrost, said the team of experts in a blog post. “Most recently, we have observed them making use of the PIVY and Xtreme RATs.”
In this latest bout of attacks, the targets received spear-phishing emails with a link to a binary that opens a Word document, which acts as a decoy as a RAT is sneakily installed in the background – often with a suspicion-reducing title, such as Chrome.exe, AVG.exe, Download.exe, or the like.
The Word document frequently features political content. The Palestinian situation and other Middle Eastern conflicts, amongst a range of political figures, have appeared within the documents’ pages.