Looking for Something Specific?
Search the Blog Archives.
Many experts believe that we are now entering a new era of hacking, cyber attacks, and threats to cybersecurity. If you just read or watch the news on a regular basis, it is very easy to see why experts hold this point of view. Every day there are news reports of cyber attacks that are targeting major websites, organizations, individuals. The frequency and severity of these cyber attacks indicates that hackers are gaining momentum. The most recent case of a cyber attack on the Internet is a ransomware attack, which targeted major media websites.
What is TeslaCrypt Ransomware?
In this most recent case, the hackers used the Angler Exploit Kit in order to deliver the TeslaCrypt ransomware. The Angler Exploit Kit refers to a malicious toolkit that consists of multiple exploits combined into one package for the convenience of hackers and criminals. Traditionally, the TeslaCrypt ransomware is a trojan that specifically targets computers that have game programs installed. However, hackers have developed a new variant of this ransomware that is able to infect computers that don’t have these computer games installed. Chances are this new variant of the TeslaCrypt ransomware is what was involved in this case.
Who was Affected?
Major media websites were targeted by this attack. Some of these major media websites include the NY Times, AOL, BBC, MSN, Newsweek, and the Hill. The ransomware specifically targeted the ad networks of these websites.
According to Malwarebytes, there was a huge increase in malicious traffic to these websites and many others during this time. This indicates that the perpetrators of this attack are experienced hackers who have committed similar attacks many times in the past. What makes this case different is that the cyber criminals managed to obtain the expired domain of an advertising company that is small, but likely legitimate. Acquiring this domain made it easy for the criminals to infect computers with ransomware without immediate detection.
Not only did Trend Micro detect similar spikes of malicious traffic to various websites, but they also noticed a spike in activity that is Angler based. According to Trend Micro, they believe the attacks could have affected as many as tens of thousands of Internet users in less than a day.
The success of this attack and the number of incidents of cyber attacks involving ransomware goes to show that this type of malware is very popular among cyber criminals. Not only is ransomware convenient and easy to use, but it usually ends with major results. Therefore, criminals have no problem spending money and resources upfront to develop brand new variants of ransomware. The costs are small for the criminal, but the potential for revenue is huge. The way criminals earn revenue with ransomware is by forcing the computer user to pay money as a ransom to have the malware removed from their computer. In some cases, computer users are forced to pay as much as $300 to have the ransomware removed from their computer.
How to Protect Yourself Against Ransomware
Unfortunately, it is very difficult for Internet users to protect themselves against ransomware due to its prevalence and effectiveness. The best way Internet users can protect themselves is by backing up their computer on a regular basis. That way, they can simply restore their computer to a previous back up instead of paying the ransom if the user finds that their computer is infected with ransomware. Computer users should also keep their anti-virus software on their computer up to date, because software companies are constantly making updates to the software to protect against new variants of ransomware.