Security researchers have discovered a new ransomware dubbed “TeslaCrypt”. Apart from the usual assortment of file types that ransomware targets, the new malware also encrypts file types associated with video games and game-related software, as well as iTunes files. The main delivery method is exploit kits, including the Angler, Sweet Orange and Nuclear exploit kits. Potential targets are being redirected to the site hosting. In one particular case, a security researcher observed that the kit successfully exploited a Flash vulnerability affecting an out-of-date version of Flash Player (220.127.116.11). The delivered ransomware still uses a visual identity similar to that of Cryptolocker. While the infection attempt is new, and it is too early to tell how many users will ultimately pay the ransom, a check of said bitcoin address reveals that so far, no one has made a payment. Ransomware has been a popular way for cyber crooks to make money for a while now. Even though there are now ways to restore the files encrypted by some types of ransomware without paying the ransom, the best protection you have against this type of malware is to regularly back up all the files you consider important.
IT Security News
The information provided herein is on an "as is" basis, without warranty of any kind.
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street