Security software provider ESET has reported that it has received multiple reports of a new malware-spreading campaign in various countries.
Security software provider ESET reports that it has received multiple reports of a new malware-spreading campaign in various countries, mostly in Latin America and Eastern Europe. It starts with a fake email purporting to contain a fax, but is in reality a campaign to spread malicious code. The code encrypts the victim’s files and is then used to extort a ransom in bitcoins for retrieval of the encrypted information.
Called CTB-Locker Ransomware, the malware has caused headaches for thousands of users. Poland, Czech Republic and Mexico iare the most affected, as shown in the following graphic:
The attack began with a fake email arriving in the users’ inbox. The subject of the email pretends that the attachment is a fax; the file is detected by ESET asWin32/TrojanDownloader.Elenoocka.A. If you open this attachment and your antivirus software does not protect you, a variant of Win32/FileCoder.DA will be downloaded to your system; all your files will be encrypted and you will lose them forever, unless you pay a ransom in bitcoins to retrieve your information.
Files with extensions such as mp4, .pem, .jpg, .doc, .cer, etc. are encrypted by a key, which makes it virtually impossible to recover the files. Once the malware has finished encrypting user information, it displays a warning and also changes the desktop background with a message similar to that seen in the image below:
Another peculiar detail of CTB-Locker is this: not only is the message shown to the user in different languages , but it also displays the currency appropriate to that language. If the user chooses to view the message in English, the price is in US dollars, otherwise the value will be in Euros.
While the encryption technique used by CTB-Locker makes it impossible to recover files by analysing the payload, there are certain safety measures that are recommended for users and companies:
· If you have a security solution for mail servers, enable filtering by extension. This will help by allowing you to block malicious files with extensions such as .scr, as used by Win32/TrojanDownloader.Elenoocka.A
· Avoid opening attachments in emails of dubious origins where the sender has not been identified.
· Delete emails or mark them as spam to prevent other users or company employees being affected by these threats.
· Keep security solutions updated to detect the latest threats that are spreading.
· Perform up-to-date backups of your information.
Mitigating such attacks is no simple task, and you need to take a proactive stance by supporting security technology with awareness and education.
SA gets digital archive
As the world entered the centenary of Nelson Mandela’s birth on Mandela Day, 18 July 2018, South Africa celebrated the launch of a digital living archive.
The southafrica.co.za site carries content about the country’s collective heritage in South Africa’s eleven official languages.
Designed as a nation building, educational and brand promotion web based tool, the free-to-view platform features award-winning photographic and written content by leading South African photographers, authors, academics and photojournalists.
The emphasis is on quality, credible, factual content that celebrates a collective heritage in terms of the following: Cultural Heritage; Natural Heritage; Education; History; Agriculture; Industry; Mining; and Travel.
At the same time as reflecting on the nation’s history, southafrica.co.za celebrates South Africa’s natural, cultural and economic assets so that the youth can learn about their nation in their home language.
Southafrica.co.za Founder and CEO Hans Gerrizen conceptualised southafrica.co.za as a means for youth and communities from outlying areas to benefit from the digital age in terms of the web tool’s empowering educational component.
“We can only stand to deepen our collective experience of democracy and become a more forward planning nation if we know facts about our nation’s past and present in everyone’s home language,” he says.
Southafrica.co.za, with sister company Siyabona Africa, is the organiser and sponsor of the Mandela: 100 Moments photographic exhibition that runs until 30 September at Cape Town’s V&A Waterfront-based Nelson Mandela Gateway to Robben Island. The 3-month exhibition, which runs daily from 08h00 until 15h00, is showcasing one hundred iconic Nelson Mandela images taken by veteran South African photojournalist and self-taught lensman Peter Magubane.
Street art goes electric
Kaspersky Lab and British street artist D*Face have unveiled the first-ever “art helmet” design at the Formula E finale for electric cars in New York.
The ‘Save The World’ helmets will be raced by DS Virgin Racing’s drivers, Sam Bird and Alex Lynn, as they traverse the New York street circuit during the final races of the Formula E season.
The announcement signals the first art helmet by a Formula E team, continuing the heritage of art in motorsport and the cybersecurity brand’s commitment to contemporary art, creativity and innovation. D*Face took inspiration from Kaspersky Lab’s tagline, “A Company To Save The World”, and hopes that his colourful work will inspire people to take positive action.
D*Face will announce his first-ever art car design with a custom-made livery for the DS Virgin Racing Team. Its design will be released at the “Art Goes Green” event after Saturday’s race. The helmets and art car are the latest installations in the “Save the World” collection, following a major permanent public mural that was installed in Brooklyn, New York, in May.
D*Face, whose real name is Dean Stockton, said: “It is exciting to work with Kaspersky Lab on this project and create art with a real message of hope for a better future. After all, this is our world and we need to look after it. It will take every one of us to make a real lasting, impactful change. I love the mentality of the DS Virgin Racing Team and that of Formula E by showcasing sport in a way that doesn’t harm the environment, but is still just as exhilarating and fun.
“It is time for us all to stand together and make a change… be that stopping data steals, climate change, plastic waste or using damaging fuels. I want everyone to make a pledge to do one thing that will help make a change.”
As a sponsor of DS Virgin Racing Team, Kaspersky Lab is responsible for protecting the team’s devices against cyber threats. The company sees the technical environment in the global sport of Formula E as the next frontier in furthering its research and development of new technologies to keep vehicles secure in the digital world.
Sylvain Filippi, Managing Director at DS Virgin Racing, said: “The whole team fully supports this great initiative and our thanks got to Kaspersky and D*Face for their collaboration. It’s an honour to have such an innovative artist bring his talents to bear in our team ahead of the season-finale; the car, drivers’ crash helmets and mural all look amazing.”
Aldo Fucelli Pessot del Bo, Head of Global Partnerships and Sponsorships at Kaspersky Lab added: “There is a need for innovation on a global scale, both in contemporary art and in the fast-growing sport of Formula E. Now, for the first time ever, Kaspersky Lab is proudly bringing together the two sectors in an effort to Save the World and unleash creativity, encourage freedom of expression and further innovation.”