A new ransomware variant called CryptorBit holds encrypted files ransom in exchange for $500 in Bitcoins, a researcher said.
This new ransomware comes out against other competing malware like Cryptolocker and Cyrptodefense, said Stu Sjouwerman, the founder of web-based security awareness training company KnowBe4, LLC, in a blog.
Using social engineering to convince users to install it through a fake Flash update or via a rogue anti-virus product, CryptorBit corrupts the first 512 or 1024 bytes of any data file regardless of its extension.
The ransomware, also known as HowDecrypt, is able to bypass Group Policy settings meant to protect against such infection. Cyber criminals are installing cryptocoin miner software to mine digital coins and deposit them in their digital wallets.
CryptorBit released last December “and after debugging their criminal infrastructure, attacks are now increasing” Sjouwerman said. “Users can’t rely on antivirus since it catches less than 50 percent.”
In addition, the bad guys are also installing cryptocoin miner software which utilizes the victim’s computer to mine digital coins such as Bitcoin, which will end up deposited in the malware developer’s digital wallet, making them even more money, he said.