Video Screencast Help
Symantec Appoints Michael A. Brown CEO. Learn more.
Security Community Blog

New variant of Cryptolocker spreads over removable drives

Created: 02 Jan 2014 • Updated: 02 Jan 2014
SebastianZ's picture
+2 2 Votes
Login to vote

Last week Trend has reported about a new variant of Cryptolocker worm. In Trend Micro terminology -> WORM_CRILOCK.A (http://about-threats.trendmicro.com/us/malware/worm_crilock.a) - this is being detected by Symantec as Trojan.Cryptolocker.B (http://www.symantec.com/security_response/writeup.jsp?docid=2013-122312-5826-99). In a difference to previous variants of Cryptolocker this particular variant spreads over removable devices. Another significant difference is that it does not rely on a malware downloader routine any more to infect the systems but instead works as activator for software like Office or Adobe Photoshop in P2P sites.

 

Reference:
New CryptoLocker Spreads via Removable Drives
http://blog.trendmicro.com/trendlabs-security-intelligence/new-cryptolocker-spreads-via-removable-drives

 

On how to defend against the Cryptolocker threats please check following Symantec publications:

[Trojan.Cryptolocker]
http://www.symantec.com/security_response/writeup.jsp?docid=2013-091122-3112-99
Cryptolocker: A Thriving Menace
https://www-secure.symantec.com/connect/blogs/ransomcrypt-thriving-menace
Cryptolocker Alert: Millions in the UK Targeted in Mass Spam Campaign
https://www-secure.symantec.com/connect/blogs/cryptolocker-alert-millions-uk-targeted-mass-spam-campaign
Cryptolocker Q&A: Menace of the Year
https://www-secure.symantec.com/connect/blogs/cryptolocker-qa-menace-year