Menu
Australia specifically targeted by Cryptolocker: Symantec

Australia specifically targeted by Cryptolocker: Symantec

Security vendor finds the latest variant of the cryptomalware

Australian is increasingly being hit by cryptomalware, according to Symantec.

Symantec Pacific region technology senior director, Sean Kopelke, said malware such as Crytolocker continues to spread through email-based social engineering and affect Australian victims.

“When you look at Crytolocker, the most important thing from the hacker’s point of view is the success of getting people to open these up,” he said.

What Symantec found with previous versions of Cryptolocker is it needs to be focused on a particular region to succeed.

“They customise letters to make them looks as if they came from an Australian postal delivery company, energy supplier, or bank, so that’s why the crytomalware has become specific for Australia,” he said.

Fooling the gatekeeper

Kopelke has also seen clever tactics employed by cybercriminals to circumvent security to reach a user and get them to click on a link.

“When a malicious mail came through in the past, what a lot of security technologies would do is find the embedded URL and follow it through to the end,” he said.

“If it knows it is malicious, it will not allow that email to come through.”

However, hackers noticed their malware was being caught, so they started putting a capture form at the end that requiring the user to input text to make it go through.

The malicious servers would also be turned off at the other end, so when the security would scan the email and follow the link to the end, nothing malicious would be found at the end.

“The servers would be started in the morning, as that is when people would come to work, check their inbox and click the link in the email,” Kopelke said.

Same but different

Symantec’s research has found the Trojan.Cryptolocker.F family is the main type of cryptomalware affecting Australian victims.

With this variant, Kopelke said cybercriminals have changed the way they get through to systems.

“It is quite different to the old Cryptolocker, to the point where it is not the same as the original malware,” he said.

“The outcome is the same, where it encrypts data and demands a ransom, but the technologies and code is significantly different.”

Read more: Australian SMBs reliant on antivirus, unaware of APT: Trend Micro

Kopelke said even referring to it as a variant is a “stretch,” though admits cybercriminals have latched on to the word Crytolocker because the “brand recognition” from a hacker’s point of view is “quite strong.”

“If victims are caught by Cryptolocker and don’t have a good backup, attackers hope they will pay the ransom if they feel the likelihood of decrypting the data is low,” he said.

Because cybercriminals have tasted some success with crytpmalware in the Australian region, Kopelke expects them to continuing with this targeted focus.

Patrick Budmar covers consumer and enterprise technology breaking news for IDG Communications. Follow Patrick on Twitter at @patrick_budmar.


Follow Us

Join the newsletter!

Error: Please check your email address.

Tags symantecsecurityCryptolockerencryptionmalwaredecryption

Featured

Slideshows

HP channel recognised at 2017 Partner Awards

HP channel recognised at 2017 Partner Awards

The HP Partner Awards 2017 at Shed 10 kicked off with an AMD-sponsored hackers lounge, a mysterious gaming style area filled with dry ice and red lasers, the waiters wearing Mr Robot style masks.

HP channel recognised at 2017 Partner Awards
Tech industry comes together as Lexel celebrates turning 30

Tech industry comes together as Lexel celebrates turning 30

Leading figures within the technology industry across New Zealand came together to celebrate 30 years of success for Lexel Systems, at a milestone birthday occasion at St Matthews in the City.​

Tech industry comes together as Lexel celebrates turning 30
HP re-imagines education through Auckland event launch

HP re-imagines education through Auckland event launch

HP New Zealand held an inaugural Evolve Education event at Aotea Centre in Auckland, welcoming over 70 principals, teachers and education experts to explore ways of shaping and enhancing learning using technology.

HP re-imagines education through Auckland event launch
Show Comments