Trend Micro says that New Ransomware Targets Locals in Turkey and Hungary

Security researchers of security firm Trend Micro say that they have recognized a number of ransomware attacks adapted by cybercriminals to hit local markets. For example, two assaults have been identified - one targeted at Internauts in Turkey and the other aimed at Internauts in Hungary.

The Turkish variant does not look fancy but users are alerted via pop-up and desktop wallpaper asking for a payment of certain amount of cash within 72 hours to recover their tainted files.

Victims are informed that their most significant files have been encrypted by the attackers with a technique which makes them impracticable to recover devoid of the appropriate key. In this particular case, the attacker employs an email address belonging to a provider in Ukraine and Trend Micro detected this malware as TROJ_RANSOM.ZD.

The second variant of ransomware targets specifically Hungarian users which is identified as TROJ_RANSOM.HUN and registers the file types which were encrypted the steps to unfasten the file and the sum of ransom (20,000 forints which is little less than 90 US dollars).

According to a statement published by Blog.trendmicro.com on 21st February, 2014, Ilja Lebedev, Threat Analyst with EMEA Regional TrendLabs commented on the above ransomware attacks through a blog as "While the assaults may have similar behavior, analysis of Trend Micro indicates that malware files themselves are not interrelated. This shows that several cyber crime groups have 'gone local" and are adjusting to ransomware tactics for their local "markets" which might have been encouraged by the triumph of CryptoLocker in past few months."

Trend Micro advises users to be cautious while opening all emails because files cannot be decrypted (may be without paying the fee) and it is also a good practice to have back-up files in case of instances such as this one.

Finally and sadly the discovery of the above ransomware proves the prediction by AVG in January, 2014 true as ransomware and malware will go a 'level up' in 2014 after the emergence of the CryptoLocker in 2013. CryptoLocker was an inevitable continuation of the ransomware trend which boldly attempted to extort money from victims costing more money and time than before.

» SPAMfighter News - 3/5/2014