New CryptoLocker spreads via removable drives
(Publication) Google search: [1]
New CryptoLocker spreads via removable drives | |
---|---|
Botnet | CryptoLocker |
Malware | |
Botnet/malware group | |
Exploit kits | |
Services | |
Feature | |
Distribution vector | |
Target | |
Origin | |
Campaign | |
Operation/Working group | |
Vulnerability | |
CCProtocol | |
Date | 2013 / 2013-12-25 |
Editor/Conference | Trend Micro |
Link | http://blog.trendmicro.com/trendlabs-security-intelligence/new-cryptolocker-spreads-via-removable-drives/ blog.trendmicro.com (blog.trendmicro.com Archive copy) |
Author | Abigail Pichel |
Type | Blogpost |
Abstract
“ We recently came across a CryptoLocker variant that had one notable feature—it has propagation routines.
Analysis of the malware, detected as WORM_CRILOCK.A, shows that this malware can spread via removable drives. This update is considered significant because this routine was unheard of in other CRILOCK variants. The addition of propagation routines means that the malware can easily spread, unlike other known CRILOCK variants.
Bibtex
@misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2013BFR1369, editor = {Trend Micro}, author = {Abigail Pichel}, title = {New CryptoLocker spreads via removable drives}, date = {25}, month = Dec, year = {2013}, howpublished = {\url{http://blog.trendmicro.com/trendlabs-security-intelligence/new-cryptolocker-spreads-via-removable-drives/ blog.trendmicro.com}}, }