Australia specifically targeted by Cryptolocker: Symantec

Security vendor finds the latest variant of the cryptomalware

Australia is increasingly being hit by cryptomalware, according to Symantec.

Symantec Pacific region technology senior director, Sean Kopelke, said malware such as Cryptolocker continues to spread through email-based social engineering and affect Australian victims.

“When you look at Cryptolocker, the most important thing from the hacker’s point of view is the success of getting people to open these up,” he said.

What Symantec found with previous versions of Cryptolocker is it needs to be focused on a particular region to succeed.

“They customise letters to make them look as if they came from an Australian postal delivery company, energy supplier, or bank, so that’s why the cryptomalware has become specific for Australia,” he said.

Fooling the gatekeeper

Kopelke has also seen clever tactics employed by cybercriminals to circumvent security to reach a user and get them to click on a link.

“When a malicious mail came through in the past, what a lot of security technologies would do is find the embedded URL and follow it through to the end,” he said.

“If it knows it is malicious, it will not allow that email to come through.”

However, hackers noticed their malware was being caught, so they started putting a capture form at the end that requires the user to input text to make it go through.

The malicious servers would also be turned off at the other end, so when the security technology scanned the email and followed the link, nothing malicious would be found at the end.

“The servers would be started in the morning, as that is when people would come to work, check their inbox and click the link in the email,” Kopelke said.

Same but different

Symantec’s research has found the Trojan.Cryptolocker.F family is the main type of cryptomalware affecting Australian victims.

With this variant, Kopelke said cybercriminals have changed the way they get through to systems.

“It is quite different to the old Cryptolocker, to the point where it is not the same as the original malware,” he said.

“The outcome is the same, where it encrypts data and demands a ransom, but the technologies and code are significantly different.”

Kopelke said even referring to it as a variant is a “stretch,” though he admits cybercriminals have latched on to the word Cryptolocker because the “brand recognition” from a hacker’s point of view is “quite strong.”

“If victims are caught by Cryptolocker and don’t have a good backup, attackers hope they will pay the ransom if they feel the likelihood of decrypting the data is low,” he said.

Because cybercriminals have tasted some success with cryptomalware in the Australian region, Kopelke expects them to continue with this targeted focus.

Patrick Budmar covers consumer and enterprise technology breaking news for IDG Communications. Follow Patrick on Twitter at @patrick_budmar.
