Anti-virus experts developers say about a surge of activity malware FileCoder

Posted: September 25, 2013 in IT Security News
Tags: , ,

ESET LogoAnti-virus experts are warning about a surge of activity the malware FileCoder.

IT security company Eset reported about a rapid increase in activity a dangerous Trojan FileCoder, which encrypts your personal data files in order to extort money from the transcript. Most of the victims are Russian users. Experts have recorded an unusual burst of activity malware families Filecoder. According to data obtained using cloud technology Eset Live Grid, Win32/Filecoder activity compared with the average level recorded in the first half of 2013 increased by more than 200%.

From this activity the most affected people of Russia. According to Eset, Russia accounts for 44% of detections. In addition, a significant proportion of infections recorded in Europe – from extortionists FileCoder affected users from Germany, Spain, Italy, Poland, Romania, Ukraine and Czech Republic. Also infected with this malware have been observed in the United States.

Country most affected

The country most affected by malware Filecoder families

Once on the computer, the Trojan encrypts user files, to expand selecting those that are most likely to represent value for him: as a rule, are documents, photos, music files and various archives.

In the Trojan’s information window cybercriminals can report that access to a computer user is limited, because the PC is a source of extremely dangerous virus or distribute links to child pornography. For “extremely hard work on the detection of the virus,” the user may be required to pay from 100 to 3,000 euros.

“Win32/Filecoder family is a greater threat than other types of blockers for extortion, as the user can encrypt files. Various modifications FileCoder use different encryption algorithms on complexity – says Robert Lipovsky, an analyst Eset virus lab. – Amount of foreclosure vary from 100 to 200 euros, but some options may request up to the amount of 3,000 euros. The high amount is consistent with the fact that the attacker usually targets businesses that can usually afford to pay higher ransoms than individuals.”

“The destructiveness and the consequences of infection such malware is difficult to overestimate, because the user loses all of their data. Risk of loss of important information only increase if it comes to infecting computers of employees of the company, as in this case, it may suffer Corporate Information – says Artem Baranov, senior virus analyst Eset Russia. – If in the case of ordinary extortionists, which block the user’s desktop, you can get rid with the help of several well-known acts in the OS, in the case of cryptographer, it may take a very long time. It all depends on the specific modifications FileCoder”.

To read more visit http://www.welivesecurity.com/2013/09/23/filecoder-holding-your-data-to-ransom/

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s