Menu
CryptoLocker wannabe targets Australia Post and SDRO customers

CryptoLocker wannabe targets Australia Post and SDRO customers

Ransomware demands Bitcoin payments from victims

Australia Post and State Debt Recovery Office (SDRO) customers were targeted by a sophisticated series of ransomware attacks late in 2014.

The ransomware, known as TorrentLocker, infected victims through emails sent from fake Australia Post and SDRO addresses. After penetrating systems, the malware reportedly identified itself as CryptoLocker.

The report was based on data collected by the Trend Micro web reputation service (WRS) and smart protection network.

The attacks were analysed in conjunction with researchers from Deakin University. The resulting report detailed the nature and process of the attacks that began with a combination of email spam, web threats and malware.

Researchers focused on attacks that took place in November 2014. Victims were sent seemingly authentic emails from Australia Post or the SDRO, prompting them to click on a link.

The links then redirected users to spoof websites where they were required to enter a CAPTCHA code to download what they were led to believe were official documents but were in fact ransomware.

The report outlines the infection chain and demonstrates how the attacker used a variety of tricks at each step in the chain to prevent being identified.

After being downloaded, the software began encrypting files on users machines. Upon penetrating a system, the malware identified itself as CryptoLocker in a clear attempt to capitalise on public knowledge of the now-famous malware. Users were then prompted to pay in Bitcoins to have their data restored.

Trend Micro Australia senior threat researcher, John Oliver, said the attacks represent a long-term trend in the security threat landscape.

Read more: ESET to launch new business line of products in 2015

“Ransomware has proven to be an effective way to infect someone and get money. I can’t see it going away at all. You are going to see ebbs and flows in the exact tactics used, but the trend will continue.”

“We have seen threats in Australia really grow since April 2014, peaking in September to December.”

Oliver said cyber criminals using this type of software are banking on the fact that victims will pay a fee (currently around $600) rather than deal with the inconvenience of encrypted files.

The report said Australians accessed 16.2 million websites in the month of November. The report said 10.5 per cent of Australian IP addresses were exposed to some form of web threat in the period.

The average percentage of malicious web hits was 0.22 per cent, roughly the same as that of Trend Micros' December 2013 report (0.21 per cent).

Oliver offered two key pieces of advice to users to defend against these types of security threats. The first is to backup files and have an effective automated backup solution. He also urged users to ensure they have have strong passwords and an efficient way of managing them, such as through a password manager solution.


Follow Us

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.

Tags malwarecyber crimetrend microDeakin UniversityBitcoinCryptolockerTorrentLocker ransomware

Events

Featured

Slideshows

Channel kicks 2021 into gear as After Hours returns to Auckland

Channel kicks 2021 into gear as After Hours returns to Auckland

After Hours made a welcome return to the channel social calendar with a bumper crowd of partners, distributors and vendors descending on The Pantry at Park Hyatt in Auckland to kick-start 2021.

Channel kicks 2021 into gear as After Hours returns to Auckland
The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards

The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards

Hundreds of leaders from the New Zealand IT industry gathered at the Hilton in Auckland on 17 November to celebrate the finest female talent in the Kiwi channel and recognise the winners of the Reseller News Women in ICT Awards (WIICTA) 2020.

The Kiwi channel gathers for the 2020 Reseller News Women in ICT Awards
Show Comments