News Feature | March 19, 2015

KnowBe4 Warns Of Onslaught Of New Ransomware Strains

Christine Kern

By Christine Kern, contributing writer

KnowBe4 Warns Of Onslaught Of New Ransomware Strains

In an unsettling trend, cybercriminals have launched a new wave of ransomware attacks that include several new malicious strains targeting both businesses and consumers, according to KnowBe4, a provider of web-based security awareness training to small and medium sized enterprises.  The new strains expand capabilities into unmapped network drives, malicious help files, and games.

The new strains include a new version of CryptoWall, which hits end users with phishing emails that contain malicious .chm attachments, infecting networks with the most sophisticated ransomware detected to date. 

CryptoFortress is a newly discovered variant that is similar to TorrentLocker, but which can encrypt files over network shares even when they are not mapped to a drive letter. A “CryptoLocker-like” variant was identified as responsible for a ransomware attack on California Law firm Ziprick and Cramer LLP , infecting one workstation and then spreading to their server.

Yet another version of ransomware called TeslaCrypt has been targeting the $81 billion gamer market by placing a strong emphasis on encrypting video game related files. TeslaCrypt targets over 40 different game-related files, including RPG Maker, Call of Duty, Dragon Age, StarCraft, MineCraft, World of Warcraft, World of Tanks, and Steam.

Last month, KnowBe4 warned about a new ransomware strain called “Fessleak,” a Russian variety that delivers malicious code straight into system memory without dropping any files on a disk.

Stu Sjouwerman, CEO of KnowBe4 states, “These new capabilities of cryptoware change the threat landscape for all server and network administrators and it is even more important than ever to properly secure your shared folders with strong permissions. Between increasingly sophisticated phishing emails and exploit kits on compromised websites, users need to be trained to recognize threats with effective security awareness training. System administrators should also patch workstations religiously and tighten up proxy/firewall rules.”

Sjouwerman emphasizes the importance of training: advised, “Since employees often access their own personal email over company networks or surf the web over lunch, it is essential to put in place a more effective human firewall and protect your company assets.”