Ransom 2016 style

ABC Breaking News

Hated Cryptowall 4.0 Now Infects Workstations with Powerful Exploit Kit 

by Stu Sjouwerman for KnowBe4

Earlier than expected – but similar to Cryptowall 3.0 – a few weeks after its release, the hated Cryptowall 4.0 ransomware is now being delivered via the Nuclear Exploit Kit (NEK), according to security researchers at the SANS Internet Storm Center (ISC). Initially, Cryptowall 4.0 was only distributed via malicious spam and phishing emails, but now it has expanded infection of machines via a popular and powerful Exploit Kit.

The current total Cryptowall damage count of 325 million dollars will soon be 400 million. SANS security researcher Brad Duncan wrote in a blog post published Tuesday that a cyber criminal working off domains belonging to Chinese registrar BizCN has been spreading Cryptowall 4.0 ransomware using the NEK.

Duncan said the cyber gang, which he dubbed the “BizCN gate actor”, began distributing the ransomware in payloads from the exploit kit as early as November 20. Duncan published a whole technical analysis on the SANS ISC website which shows how Nuclear Exploit Kit infects a vulnerable Windows host. More at SANS:

Preventing ransomware infections gets hard with these exploit kits, unless you provide effective security awareness training to users, minimize the attack surface on your workstations, patch known vulnerabilities almost immediately, and have a rock-solid backup strategy in place when (not if) these measures fail.

ActSmartDentalThe Most Dental IT Experience
on the South Shore!

David’s Blog Archives
Our Clients Say:
Everybody @ ActSmart is WONDERFUL! We are very relieved to have you on our team & know that we are in great hands. ~Leslie, Glivinski & Associates
Proud To Be:
Attention Dental Practices:

We Offer:
Follow Us: