
Warning: Ransomware email campaign on a rampage

24 Mar 2015

The Department of Internal Affairs is warning people to beware of a ransomware email campaign that could cripple IT systems.

Toni Demetriou, Internal Affairs electronic messaging compliance unit manager, says the emails purport to offer a person’s resume or CV in an attachment but contain ransomware called “Cryptowall 3.0”.

He says they should be deleted immediately.

Cryptowall is a variation of ransomware, and encrypts files on an infected computer including any files accessible on network drives.

The victim can no longer access files on their computer, and is asked to pay around $665NZD, or 0.5 bitcoin, to receive the files.

The victim has only a certain amount of time to make the payment before the files can no longer be saved (or ‘decrypted’). Cryptowall has been around for some time and is now up to version 3.0.

“Ransomware is a significant threat to IT systems. It’s malicious software that can bring an IT system to its knees and hold a home user or large corporation to ransom.

“Yet, it can be activated by a few simple clicks in an email spam message. Once installed, it locks out the computer user and presents a message that demands payment in order to restore normal functionality to the computer,” Demetriou says.

He says people can protect themselves from such threats by:
- Not opening attachments or clicking on hyperlinks in unsolicited emails
- Ensuring computer systems are up-to-date and running up-to-date antivirus software
- Conducting routine backups of important files, and keeping backups offline (i.e. not connected to the computer or network)
- Educating other users about this threat.

The EMCU received one of the dodgy emails this week.

The message subject line said 'Resume [sender's name]', and the message contained a zipped file (.zip) attachment titled 'Resume [sender's name].zip'.

The zipped file contained the Trojan to Cryptowall. The body of the message reads: “My name is [person’s full name], attached is my resume. I look forward to hearing back from you. Sincerely, [person’s first name].”

Demetriou says the email message aims to attract or persuade the recipient into opening the attachment and could have been tailored specifically for Human Resource departments.

The form and content of such emails can change and it is important that recipients remain cautious of any unsolicited email messages, he says.
