Retarus
observes a major rise in crypto trojans
observes a major rise in crypto trojans
One in six emails
contains a virus
contains a virus
Singapore, April
18, 2016 – After Locky, here comes KePanger,
PowerWare and Petya: Retarus, the global B2B provider of email security from
the cloud, is currently observing a significantly higher incidence of the
crypto trojan Locky, as well as new variations. According to a current analysis
by Retarus security experts, 17% of all incoming email messages are blocked due
to a suspected virus. This corresponds to a fivefold rise in comparison with
the previous month and can be explained primarily by the large increase in
ransomware.
18, 2016 – After Locky, here comes KePanger,
PowerWare and Petya: Retarus, the global B2B provider of email security from
the cloud, is currently observing a significantly higher incidence of the
crypto trojan Locky, as well as new variations. According to a current analysis
by Retarus security experts, 17% of all incoming email messages are blocked due
to a suspected virus. This corresponds to a fivefold rise in comparison with
the previous month and can be explained primarily by the large increase in
ransomware.
On average, in March, one in six emails sent to
mailboxes used for business purposes contained a virus. In total, this means
just as many infected messages occurred per hour as occurred per month in 2015
on average. The analysis by the Retarus experts
revealed that this can be explained by the huge rise in the incidence of crypto
trojans. Whilst in February only around 3% of all incoming emails were
infected, the number of messages filtered in March due to viruses had already
risen to 17%. The reason: During this period, numerous additional versions of
the virus appeared after the first Locky threat wave.
mailboxes used for business purposes contained a virus. In total, this means
just as many infected messages occurred per hour as occurred per month in 2015
on average. The analysis by the Retarus experts
revealed that this can be explained by the huge rise in the incidence of crypto
trojans. Whilst in February only around 3% of all incoming emails were
infected, the number of messages filtered in March due to viruses had already
risen to 17%. The reason: During this period, numerous additional versions of
the virus appeared after the first Locky threat wave.
As crypto trojans can morph their structure quickly
and frequently and, as a result, are able to assume the most diverse forms at
lightning speed, ransomware is not detected immediately by every virus scanner.
Nevertheless, security can be increased using professional cloud services.
Specialized email security services access several scanners in parallel, thereby
continuously expanding their filter rules, which means they can always offer
the latest protection levels. Additional mechanisms, such as a four-level virus
scan, also increase the likelihood of identifying and blocking extortion
trojans in good time.
and frequently and, as a result, are able to assume the most diverse forms at
lightning speed, ransomware is not detected immediately by every virus scanner.
Nevertheless, security can be increased using professional cloud services.
Specialized email security services access several scanners in parallel, thereby
continuously expanding their filter rules, which means they can always offer
the latest protection levels. Additional mechanisms, such as a four-level virus
scan, also increase the likelihood of identifying and blocking extortion
trojans in good time.
Heightened vigilance is essential
To ensure the best possible protection from attacks by
Locky and similar ransomware, email users must be highly vigilant. Retarus
recommends that users deactivate the automatic execution of embedded macro code
in Office programs and that macros should only be activated if they are
absolutely essential and where the corresponding documents originate from known
sources. In principle, users should only open email attachments if the sender
or the process described in the email is trustworthy. So that potentially
affected data can be restored quickly and – wherever possible – without losses,
important data should be backed up on a regular basis. Here it should be noted
that Locky can also attack external data media if this is permanently connected
to the computer. Caution is also advised in the event of an extremely slow
processor response, elevated hard drive activity without a detectable reason,
or files with the extension .locky on the hard drive. To close existing gaps in
security, the latest versions of virus scanners should always be installed and
regular patches performed.
Locky and similar ransomware, email users must be highly vigilant. Retarus
recommends that users deactivate the automatic execution of embedded macro code
in Office programs and that macros should only be activated if they are
absolutely essential and where the corresponding documents originate from known
sources. In principle, users should only open email attachments if the sender
or the process described in the email is trustworthy. So that potentially
affected data can be restored quickly and – wherever possible – without losses,
important data should be backed up on a regular basis. Here it should be noted
that Locky can also attack external data media if this is permanently connected
to the computer. Caution is also advised in the event of an extremely slow
processor response, elevated hard drive activity without a detectable reason,
or files with the extension .locky on the hard drive. To close existing gaps in
security, the latest versions of virus scanners should always be installed and
regular patches performed.
Please refer to Retarus’ blog post for more
information: How to protect yourself from
blackmail Trojan Locky.
information: How to protect yourself from
blackmail Trojan Locky.
For the LATEST tech
updates,
updates,
FOLLOW us on our Twitter
LIKE us on our FaceBook
SUBSCRIBE to us on our YouTube
Channel!
Channel!
