Flexnet Networks LLC Blog

Flexnet Networks LLC Blog

Flexnet Networks LLC has been serving the Texas area since 2010, providing IT Support such as technical helpdesk support, computer support and consulting to small and medium-sized businesses.

When DDoS Attacks and Ransomware Combine, the Results are Ugly

When DDoS Attacks and Ransomware Combine, the Results are Ugly

Ransomware, the malware variant that has appeared more and more frequently has struck again, this time targeting users of Microsoft Outlook in a zero-day attack. A malware variant of Cerber (a ransomware) was recently utilized in a large scale attack on users of the messaging program, sent via phishing emails to corporate users.

What’s worse, this variant of Cerber is more than just your typical ransomware, as it also possesses DDoS capabilities.

DDoS, or Distributed Denial of Service, programs utilize the previously infected systems in their attacks on new victims as part of a botnet, causing the target system to cave under a deluge of useless traffic. Therefore, as an unfortunate recipient of this malware tries to resolve the problem, their system has already been assimilated into a cyber horde that’s attacking other systems.

Cerber demands a ransom of 1.24 Bitcoins to unlock the currently uncrackable ransomware, which converts (as of this writing) to approximately $718 US dollars.

The attack typically goes down as such: An intended victim receives an email with the ransomware. If activated, Cerber adds three files onto the desktop of the victim’s computer, each containing the same message. One is TXT format, one is HTML, and one is a Visual Basic Script that converts into an audio message. Their message reads: Attention! Attention! Attention! Your documents, photos, databases and other important files have been encrypted! The most annoying part is that every startup will trigger this message.

The other two files also contain instructions to navigate to the Tor payment site in order to pay the ransom, with the phrase “What doesn’t kill me makes me stronger,” transcribed in Latin at the bottom. As a brief reminder, we never recommend paying a malware ransom, as there is no guarantee that they will comply and release your files, and your funding will only contribute to further attacks.

As there is currently no known fix for Cerber, it is critical that businesses (the clear target of the ransomware) avoid falling victim to it, or any phishing-based attack for that matter. To do so, decision makers in companies should implement and enforce the following policies in their day-to-day practices.

    n
  1. Users should be informed of email security best practices, including not running or opening attachments from unknown sources or suspect emails in general.
  2. In case of possible infection, all files should be kept on an isolated backup to prevent data loss. An infected backup is no good, and so it should remain separate from the network to avoid such a circumstance.
  3. Be sure to keep all systems thoroughly updated with the latest versions of all your protections, as malware designers are in a constant race with their programs to outpace those who design protective programs.

To find out more about threats like this affecting your business, subscribe to Flexnet Networks LLC’s blog.

Tip of the Week: Why Routinely Changing Your Passw...
NATO Officially Declares Cyberspace a Battlefield
 

Comments

No comments made yet. Be the first to submit a comment
Guest
Already Registered? Login Here
Thursday, 21 November 2024

Captcha Image

Request a Consultation

Flexnet Networks LLC strives to provide the best comprehensive IT, Computer, and Networking services to small businesses. We can handle all of your organization's technology challenges.

Contact Us
Contact Us

Learn more about what Flexnet Networks LLC can do for your business.

1706 W. Texas Ave,
Midland, Texas 79701

Call us: (432) 520-3539

Tampa Managed IT Services

Midland Managed IT Services

News & Updates
Flexnet Networks LLC is proud to announce the launch of our new website at www.flexnetllc.com. The goal of the new website is to make it easier for our existing clients to submit and manage support requests, and provide more information about our services for ...