Lumension® Endpoint Intelligence Center

CryptoWall ransomware also adds infostealer to compromised systems

2015/03/23

Softpedia - (International) Security researchers at Trend Micro discovered that the latest version of the CryptoWall ransomware contains the Fareit infostealer, which collects credentials from programs including email clients, Web browsers, file transfer protocol (FTP) clients, and digital currency wallets. The malware is delivered via an archived JavaScript attachment in an email claiming to deliver a resume; the script connects to command and control (C&C) servers to download JPG images as a ploy to bypass intrusion detection systems (IDS).

Source: http://news.softpedia.com/news/CryptoWall-Ransomware-Also-Adds-Infostealer-to-Compromised-Systems-476481.shtml

Note: This news synopsis is taken from the DHS Daily Open Source Infrastructure Report, a daily [Monday through Friday, except US Federal holidays] summary of open-source published information concerning significant critical infrastructure issues; a 10-day archive of the DOSIR can be found at: http://www.dhs.gov/dhs-daily-open-source-infrastructure-report.


Last Updated: 27 May 2016 10:23:48