The Crypto Virus

One of the most popular instruments for cyber criminals

Learn all about the crypto virus.

Protect your company against the crypto virus

The Hornetsecurity Email Continuity Service keeps your email traffic safe

The danger of Crypto Trojans

CEO fraud, phishing and crypto viruses are some of the most popular attacking methods that cyber criminals increasingly prefer. This is particularly the case with attacks on companies. The assailants are quite creative when it comes to converting their malicious proceedings into money.

This was impressively demonstrated by the recent attacks of Petya, WannaCry and Jaff. Amongst others, public institutions, such as British hospitals, were directly affected by polymorphic crypto viruses.

The same applies to large corporations, such as the pharmaceutical company Merck, various car manufacturers and telecommunication providers, who have also been victims of these blackmail trojans. In the end, however, it also affected smaller companies.

Protect yourself from the crypto virus with Hornetsecurity Advanced Threat Protection

All you have to know about the crypto virus



This is how clever the attackers proceeded during the crypto virus Locky

Professional cyber criminals are quite ingenious when it comes to the infiltration of targeted systems. Even though many ransomware attacks, which are sent via email to the system, can be detected through specific characteristic like a faulty orthography. But not all cyber criminals are that negligent. This is why the attackers used a clever pretence for the crypto virusLocky, which a company employee would not associate with a ransomware attack, as the malware was disguised as an application.

The perpetrators used ordinary names and thus behaved very inconspicuously. The same applied to the composition of the applications as well as the other attachments, such as the photos of the seeming applicants. Crypto virus Locky hid itself in an inconspicuous ZIP file in the email attachment. Once opened, the attachment unfolded its full effect and carried out the encryption of the affected system. At this time, the users had only a restricted or no access at all to the files. The crypto virusspecifically infiltrated individual systems and even encrypted entire networks.



The crypto virus locky in a new form

In 2016 one could observe the ability of the crypto virus Locky within a short time, as the distribution took place very quickly. In this case, the cyber criminals showed their creative power: . The attackers used an invoice in the file attachment as a pretence. The demand and the invoice, which had been stated in the email, seemed convincing enough.

The activation occurred via a simple double mouse click. This started the process ofloading the Trojan to the target system through a disguised code and the encryption through the crypto virus began. Immediately after that,, the ransom demand was made through a program window.

The files of the affected parties could only be restored by a backup. There was no other possibility at that time. The problem lied in the various versions of the crypto virus Locky , for which no universal decryption key existed.. What’s more, the quality of the email content has steadily increased , so that these appeared very authentic.



The victims of a crypto virus are usually deceived

The users of the infected systems were offered a decryption of the files by purchasing a decryption software especially adapted to the user, This method can be seen as a ransom demand. The approach is common practice for cyber criminals who perform a ransomware attack. Even when the decryption software is received, it is not guaranteed that the user can access his data again. For this reason, IT professionals recommend not to pay the ransom.



State institution as decoy for the crypto virus

At a later stage of the attack wave, the crypto virus Locky reached its peak. The senders no longer just used companiy names, but also the names of official institutions such as The Federal Criminal Police Office. The email pretended tohave attached a security software . with whichthe ransomware could be completely removed on the affected computers. The file was, however, the attached Trojan horse, which is ultimately the access to the crypto virus. Even this approach of the perpetrators was successful.

Advanced Threat Protection not only protects you against crypto viruses:



Protection from targeted attacks



Protection from ransomware



Protection from blended attacks



Protection from digital espionage

Protect your company against Ransomware with Hornetsecurity Advanced ThreatProtection:

Without any payment information. Set up in a few minutes.

Company:*
Title:*
Name:*
Surname:*
Business email:*
Phone:*
Mailboxes:*
Select the number of email mailboxes you have in your company.
Country:*
How did you hear about us?*
My attention was drawn by:
Data Privacy*
- I agree to the processing of my data and the establishment of contact by Hornetsecurity or a certified partner in accordance with the data protection guidelines for business contacts.
IT Security News
- I would like to receive Hornetsecurity News regularly
Comments
This field is for validation purposes and should be left unchanged.



Try out our product now!

By prodiding just a few details, you can also try out Advanced Threat Protection right now for 30 days with no obligation. Simply create an account and in just a few minutes your employees and IT systems will enjoy additional protection.

Click here for the onboarding form

Downloads

Whitepaper

Further Questions?

+1 412 924 5350

Chat

Diese Kunden setzen auf die Services von Hornetsecurity

Kunden Hornetsecurity Cloud Security E-Mail Security