yiwhe.blogg.se - Eset business ransomware

The files with the following extensions are targeted. The latest type of ransomware is more ‘dangerous’ than the widespread ‘police’-ransomware category, according to ESET Ireland, as it also encrypts the victim’s files – usually pictures, documents, music and archives.

Manual installation by the attacker through remote (RDP) infiltrationĪ Filecoder family that has been spreading via RDP also uses scareware tactics, and introduces itself as an ‘Anti-Child Porn Spam Protection’ message or as being from the ACCDFISA (Anti Cyber Crime Department of Federal Internet Security Agency) – no such agency exists.

Installation by another trojan-downloader or back door.

Through drive-by downloads from malware-laden websites.Trojans that encrypt files and try to extort a ransom from their user in exchange for a decryptor utility have nearly doubled from January to July 2013, according to antivirus and security software solutions provider ESET Ireland.ĮSET detections of this malware category are usually flagged as Win32/Filecoder or Win32/Gpcode, and ESET LiveGrid telemetry reveals the weekly number of Win32/Filecoder detections have risen by more than 200pc since July 2013 from the average numbers in January through June 2013.Ĭyber-criminals using the Filecoder ransomware use various methods to get the malware onto victims’ systems: