Scary tactic, right? While it might have been frightening to some, all was not really as bad as it appeared to be. It's unknown how many people actually paid the ransom for this campaign, but one can assume there were quite a few. The simplest way to circumvent this lockdown was to boot into safe mode and clean up the infection using any one of various means.

However, as time moved forward and the income from some of the bigger pharma schemes (real money makers at the time) started to falter, nefarious actors started to work on new and better means to generate revenue. The next real advancement in the ransomware family came in the form of CryptoLocker. CryptoLocker was dispersed through malicious email attachments by the Gameover Zeus (G0Z) botnet and used RSA public-key encryption to make files (both locally and on mapped drives) impossible to use unless a ransom was paid in the form of Bitcoin or pre-paid cards, which usually cost about $300-$500 USD/Euro.

CryptoLocker

CryptoLocker left a footprint in the way of using a Domain Generation Algorithm (DGA). This DGA was used so that it would produce thousands of domains at a time, with only a couple or so of the domains actually being live. This tactic was used to make locating the Command & Control servers harder for researchers and law enforcement.
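
The DGA pattern described in this post (thousands of generated domains, only a couple live) shows up in resolver logs as one client producing a burst of failed lookups for random-looking names. The following is an added example, not part of the original post; the log format, the `.example` names and the thresholds are constructed assumptions.

```python
import math
from collections import Counter, defaultdict

# Constructed resolver log lines: "<client> <queried name> <rcode>". Not real traffic.
SAMPLE_LOG = """\
10.0.0.5 xkqjvbnrtplwhs.example NXDOMAIN
10.0.0.5 qpwmzrtyhbvcxl.example NXDOMAIN
10.0.0.5 jhgtrbvnmzqwpx.example NXDOMAIN
10.0.0.5 ldkfjqwpzmxnrb.example NXDOMAIN
10.0.0.5 vbcnxzmqlwkrjt.example NXDOMAIN
10.0.0.5 tyrhwqzxpnmvkd.example NOERROR
10.0.0.8 www.example NOERROR
10.0.0.8 mail.example NOERROR
10.0.0.8 intranett.example NXDOMAIN
"""

def label_entropy(name):
    """Shannon entropy (bits per character) of the leftmost DNS label."""
    label = name.split(".")[0].lower()
    counts = Counter(label)
    return -sum(c / len(label) * math.log2(c / len(label)) for c in counts.values())

def suspect_clients(log_text, min_failed=5, min_fail_ratio=0.8, min_entropy=3.0):
    """Return clients whose lookups fit the DGA pattern: many distinct
    names, most of them NXDOMAIN, with random-looking labels.
    The default thresholds are illustrative assumptions, not tuned values."""
    per_client = defaultdict(dict)  # client -> {name: rcode}
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # skip malformed lines
        client, name, rcode = parts
        per_client[client][name.lower()] = rcode
    flagged = {}
    for client, names in per_client.items():
        failed = [n for n, rc in names.items() if rc == "NXDOMAIN"]
        if len(failed) < min_failed or len(failed) / len(names) < min_fail_ratio:
            continue
        mean_entropy = sum(label_entropy(n) for n in failed) / len(failed)
        if mean_entropy >= min_entropy:
            # The few names that did resolve are the candidate live C2 domains.
            resolved = sorted(n for n, rc in names.items() if rc != "NXDOMAIN")
            flagged[client] = {"failed": len(failed), "resolved": resolved}
    return flagged

if __name__ == "__main__":
    print(suspect_clients(SAMPLE_LOG))
```

The single mistyped lookup from 10.0.0.8 is not flagged, because one failed name falls below the distinct-failure count.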