ICEPOL a Trojan Ransomware Installed on Over 10K UK Machines; BitDefender

BitDefender says that during 2013, 10,331-or-so computers were infected with Trojan ICEPOL, an infamous ransomware, in UK.

The Cyber-Crime Investigation division of BitDefender studied images inside servers' disks utilized for disseminating ICEPOL and for this the Romanian National Police (RNP) assisted BitDefender. After finding the servers based at city Bucharest (Romania), authorities confiscated the systems followed with analyzing the retrieved data in one technical cooperation initiative with BitDefender.

During May 1st-September 26th, 2013, one amongst dozen servers disseminating the Trojan worldwide managed to log into 267,786 computers and effectively plant the malware. Countries most impacted were USA encountering 42,409 infections and Germany encountering 31,709. In general, there could be more PCs contaminated because other servers disseminating ICEPOL existed and the network kept working even as the above mentioned server was disconnected from the Internet.

There were dual basic functions the confiscated command and control server performed. These were spreading the ransom malware ICEPOL as also executing certain pay-per-click activity of fraudulent nature with the help of one traffic-exchange operation. In a remark Chief Security Strategist Catalin Cosoi of BitDefender said that it seemed the world of crime maintained MDNs (malware distribution networks), which functioned quite same as genuine CDNs so much so that they even maintained syndication and transfer prototypes to raise funds. Infosecurity-magazine.com published this, January 31, 2014.

Moreover, RNP's Chief of the Agency fighting cyber-offense stated that for ICEPOL's investigative outcomes, the basis was cooperation with different intermediate vendors along with agencies of law enforcement. He added that even though the investigations were complex, his agency hitherto attained extremely favorable outcomes and that it would keep on maintaining the fight Thehackernews.com published this, January 29, 2014.

During 2013, sometime in November, BitDefender as well exposed one more dangerous ransomware notoriously known as CrytoLocker that had gotten very well loaded onto over 12,000 targeted PCs mostly within USA spanning not even 7-days. The Trojan deceived users into making huge payment through Bitcoin/MoneyPak to retrieve their malware-encrypted files.

Therefore, users likely to be contaminated with ransomware should maintain up-to-date anti-virus and system software while upgrade their Java application with the latest patches urgently.

» SPAMfighter News - 2/5/2014