New CryptoLocker spreads via removable drives

From Botnets.fr
Jump to navigation Jump to search

(Publication) Google search: [1]

New CryptoLocker spreads via removable drives
Botnet CryptoLocker
Malware
Botnet/malware group
Exploit kits
Services
Feature
Distribution vector
Target
Origin
Campaign
Operation/Working group
Vulnerability
CCProtocol
Date 2013 / 2013-12-25
Editor/Conference Trend Micro
Link http://blog.trendmicro.com/trendlabs-security-intelligence/new-cryptolocker-spreads-via-removable-drives/ (Archive copy)
Author Abigail Pichel
Type Blogpost

Abstract

We recently came across a CryptoLocker variant that had one notable feature—it has propagation routines.

Analysis of the malware, detected as WORM_CRILOCK.A, shows that this malware can spread via removable drives. This update is considered significant because this routine was unheard of in other CRILOCK variants. The addition of propagation routines means that the malware can easily spread, unlike other known CRILOCK variants.

Bibtex

 @misc{Lua error: Cannot create process: proc_open(/dev/null): failed to open stream: Operation not permitted2013BFR1369,
   editor = {Trend Micro},
   author = {Abigail Pichel},
   title = {New CryptoLocker spreads via removable drives},
   date = {25},
   month = Dec,
   year = {2013},
   howpublished = {\url{http://blog.trendmicro.com/trendlabs-security-intelligence/new-cryptolocker-spreads-via-removable-drives/}},
 }