
KnowBe4 issues alert on ransomware payloads with DDoS

Tuesday 24 May 2016 | 08:43 AM CET

KnowBe4 has issued an alert on a malicious new trend in ransomware, which adds a DDoS component.

A new variant of the Cerber ransomware is now adding a DDoS bot that can blast spoofed network traffic at various IPs. This is the first time DDoS malware has been inserted into a ransomware infection. This means that while the victim is unable to access their endpoint, that same endpoint is being used to deny service to another victim.

Stu Sjouwerman, KnowBe4’s CEO, said that the virus relies on social engineering to get the employee to activate the macro feature in Office, which then executes a malicious VBScript that downloads and runs the malware.

The ransomware is executed first: it encrypts the user's data and then blocks access to the machine by locking the screen. After that, a second binary called 3311.tmp is launched and starts sending a large amount of network traffic out of the infected computer.

The attackers use Visual Basic to launch a fileless attack, and most antivirus products are completely blind to fileless attack methods. Consequently, they are unable to see the malware until it has been dropped on disk. At that point scanners can find it, but often that is too late.
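A behavioural check for the chain described above, as an added example that is not from KnowBe4 or the original article: it flags an Office application spawning a script host, execution of an image with a `.tmp` extension, and a burst of outbound flows from that process. The event schema, the script-host names (`wscript.exe`, `cscript.exe`), the threshold and every sample event (including the directory and parent process of `3311.tmp`) are constructed assumptions.

```python
from collections import defaultdict

OFFICE = {"winword.exe", "excel.exe", "powerpnt.exe"}
SCRIPT_HOSTS = {"wscript.exe", "cscript.exe"}  # assumed VBScript interpreters
FLOW_THRESHOLD = 100  # assumed: distinct destinations per process per minute

def basename(path):
    return path.rsplit("\\", 1)[-1].lower()

def detect(events, flow_threshold=FLOW_THRESHOLD):
    """Return (host, stage, image) alerts in the order the stages are observed."""
    alerts, tmp_procs, fired = [], {}, set()
    dests = defaultdict(set)  # (host, pid, minute) -> destination addresses
    for e in events:
        host = e["host"]
        if e["type"] == "process_create":
            child, parent = basename(e["image"]), basename(e["parent_image"])
            if parent in OFFICE and child in SCRIPT_HOSTS:
                alerts.append((host, "office_spawned_script_host", e["image"]))
            if child.endswith(".tmp"):  # executable image with a .tmp extension
                tmp_procs[(host, e["pid"])] = e["image"]
                alerts.append((host, "tmp_image_executed", e["image"]))
        elif e["type"] == "net_flow" and (host, e["pid"]) in tmp_procs:
            bucket = (host, e["pid"], e["ts"] // 60)
            dests[bucket].add(e["dst"])
            if len(dests[bucket]) >= flow_threshold and bucket not in fired:
                fired.add(bucket)  # alert once per process per minute
                alerts.append((host, "outbound_flood_from_tmp_image",
                               tmp_procs[(host, e["pid"])]))
    return alerts

def sample_events():
    """Constructed telemetry; paths, PIDs and addresses are illustrative only."""
    tmp = r"C:\Users\user\AppData\Local\Temp\3311.tmp"
    ev = [
        {"type": "process_create", "host": "WS-01", "ts": 60, "pid": 100,
         "image": r"C:\Office\WINWORD.EXE", "parent_image": r"C:\Windows\explorer.exe"},
        {"type": "process_create", "host": "WS-01", "ts": 70, "pid": 200,
         "image": r"C:\Windows\System32\wscript.exe", "parent_image": r"C:\Office\WINWORD.EXE"},
        {"type": "process_create", "host": "WS-01", "ts": 110, "pid": 300,
         "image": tmp, "parent_image": r"C:\Windows\System32\wscript.exe"},
        {"type": "net_flow", "host": "WS-01", "ts": 125, "pid": 900, "dst": "192.0.2.10"},
    ]
    ev += [{"type": "net_flow", "host": "WS-01", "ts": 120 + i % 60, "pid": 300,
            "dst": f"198.51.100.{i + 1}"} for i in range(150)]
    return ev

if __name__ == "__main__":
    for alert in detect(sample_events()):
        print(alert)
```

Because the rules key on process lineage and traffic volume instead of file contents, they can fire before a file scanner has anything on disk to inspect.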

KnowBe4 is a security platform helping organizations manage the problem of social engineering tactics through security awareness training.
