Ransomware on rise in Asia, says Trend Micro
Digital extortion rackets now targeting users beyond North America and Europe
Ransomware, malevolent programs that lock down systems until payment is delivered to the attackers, is spreading beyond its traditional hunting grounds of North America and Europe, to plague users in other regions, according to cyber security specialist Trend Micro.
"Although ransomware isn't a new thing, many users still find themselves victimised by it without knowing how their device got infected," the company said in a statement.
Users can download ransomware unknowingly, by visiting malicious or compromised websites. It can also be dropped or downloaded onto systems by other malware. Furthermore, Trend Micro warns that paying the ransom does not guarantee a revival of systems.
"Though crypto-ransomware detections are prevalent in regions like North America and Europe, we have noted a spike in incidences outside of these territories," said Ihab Moawad, head of MMEA, Trend Micro.
"Much interest in the Critroni or Curve-Tor-Bitcoin (CTB) Locker, an old crypto-locker variant, is already being noticed in Asia. Though the number of detections in these new territories is not as large, it can still be a precursor for more widespread crypto-ransomware incidents in the near future."
The CTB Locker directly asks for payment in Bitcoins in exchange for release of data. The most common version of the ransomware demands 3 bitcoins ($732.95). It does not require the Internet to encrypt files, functioning even without a connection.
While the Middle East is not under immediate attack, research from Trend Labs indicates ransomware has plagued several systems in neighbouring countries.
"It is, hence, of paramount importance that organisations act swiftly and update their systems," Trend Micro urged. "Do not forget to back up your data, preferably on a different media source. Most importantly, clicking on unknown links should be avoided, since malware infection is most likely by doing so."
603 days ago
The Statement "While the Middle East is not under immediate attack..." is not correct. We have been attacked by Ransomware recently i.e.: last month Jan'15. And same has been noticed by other local companies as well.
The same has been notified by aeCERT yesterday.