Menu
CryptoLocker wannabe targets Australia Post and SDRO customers

CryptoLocker wannabe targets Australia Post and SDRO customers

Ransomware demands Bitcoin payments from victims

Australia Post and State Debt Recovery Office (SDRO) customers were targeted by a sophisticated series of ransomware attacks late in 2014.

The ransomware, known as TorrentLocker, infected victims through emails sent from fake Australia Post and SDRO addresses. After penetrating systems, the malware reportedly identified itself as CryptoLocker.

The report was based on data collected by the Trend Micro web reputation service (WRS) and smart protection network.

The attacks were analysed in conjunction with researchers from Deakin University. The resulting report detailed the nature and process of the attacks that began with a combination of email spam, web threats and malware.

Researchers focused on attacks that took place in November 2014. Victims were sent seemingly authentic emails from Australia Post or the SDRO, prompting them to click on a link.

The links then redirected users to spoof websites where they were required to enter a CAPTCHA code to download what they were led to believe were official documents but were in fact ransomware.

The report outlines the infection chain and demonstrates how the attacker used a variety of tricks at each step in the chain to prevent being identified.

After being downloaded, the software began encrypting files on users machines. Upon penetrating a system, the malware identified itself as CryptoLocker in a clear attempt to capitalise on public knowledge of the now-famous malware. Users were then prompted to pay in Bitcoins to have their data restored.

Trend Micro Australia senior threat researcher, John Oliver, said the attacks represent a long-term trend in the security threat landscape.

Read more: ESET to launch new business line of products in 2015

“Ransomware has proven to be an effective way to infect someone and get money. I can’t see it going away at all. You are going to see ebbs and flows in the exact tactics used, but the trend will continue.”

“We have seen threats in Australia really grow since April 2014, peaking in September to December.”

Oliver said cyber criminals using this type of software are banking on the fact that victims will pay a fee (currently around $600) rather than deal with the inconvenience of encrypted files.

The report said Australians accessed 16.2 million websites in the month of November. The report said 10.5 per cent of Australian IP addresses were exposed to some form of web threat in the period.

The average percentage of malicious web hits was 0.22 per cent, roughly the same as that of Trend Micros' December 2013 report (0.21 per cent).

Oliver offered two key pieces of advice to users to defend against these types of security threats. The first is to backup files and have an effective automated backup solution. He also urged users to ensure they have have strong passwords and an efficient way of managing them, such as through a password manager solution.

Follow Us

Join the New Zealand Reseller News newsletter!

Error: Please check your email address.

Tags trend microsecurityCryptolockerDeakin Universitycyber crimeTorrentLocker ransomwaremalwareBitcoin

Slideshows

Top 50 defining moments of the New Zealand channel in 2016

Top 50 defining moments of the New Zealand channel in 2016

Reseller News looks back on a tumultuous 12 months for the New Zealand channel, assessing the fallout from a year of sizeable industry change. Whether it be local or global mergers and acquisitions, distribution deals or job changes, the channel that started the year differs somewhat to the one set to finish it - Reseller News assesses the key moments that made 2016.​

Top 50 defining moments of the New Zealand channel in 2016
​Hewlett Packard Enterprise honours high achieving NZ channel

​Hewlett Packard Enterprise honours high achieving NZ channel

Hewlett Packard Enterprise honoured its top performing Kiwi partners at the second running of its HPE Partner Awards in New Zealand, held at a glitzy ceremony in Auckland. Recognising excellence across eight categories - from distributors to resellers - the tech giant celebrated its first year as a standalone company, following its official split from HP in 2015.

​Hewlett Packard Enterprise honours high achieving NZ channel
Nutanix treats channel partners to Christmas cruise

Nutanix treats channel partners to Christmas cruise

Nutanix recently took to the seas for a Christmas Cruise around Sydney Harbour with its Australia and New Zealand staff, customers and partners to celebrate a stellar year for the vendor. With the sun out, they were all smiles and mingled over drinks and food.

Nutanix treats channel partners to Christmas cruise
Show Comments