Major increase in Filecoder malware
Posted on 24.09.2013
The ESET HQ malware research lab is reporting an unusual spike in the activity of Filecoder malware - Trojans that encrypt user files and try to extort a ransom from the victim in exchange for decryption software.

ESET LiveGrid - the company’s cloud-based malware collection system - shows that the weekly number of Win32/Filecoder detections has risen by over 200% since July 2013, compared with the average for January - June 2013. The largest share of detections (44%) comes from Russia, but significant shares are also reported in southern Europe (Italy, Spain), Central and Eastern Europe (Germany, Czech Republic, Poland, Romania and Ukraine), and the United States.

To infect the computer, cybercriminals are using various infiltration methods: drive-by downloads from malware-laden websites, e-mail attachments, installation through another Trojan or backdoor, or even manual installation by the attacker.

“The Win32/Filecoder malware family is more dangerous than other types of so-called ransomware as they usually encrypt pictures, documents, music and archives. A wide range of techniques and levels of sophistication has been seen in different variants over time,” says Robert Lipovsky, ESET Malware Researcher.

“It can be very expensive. Malware samples in this category usually request sums of around €100 – €200, however some have been seen extorting up to €3000. The high amount is consistent with the fact that the attackers usually target businesses that can usually afford to pay higher ransoms than individuals,” he adds.

One recent variant puts the victims under pressure by displaying a countdown timer indicating that the encryption key will be permanently deleted, making the recovery of the encrypted files nearly impossible.

ESET advises internet surfers to stay protected with regularly updated anti-virus software. It is also a good idea to password-protect the anti-malware software's settings, to prevent them from being altered by an attacker, and to back up regularly.

