
Use Removable Devices Carefully! ZCryptor Ransomware May Harm Your System!

 

Ransomware attacks have grown rapidly since last year. Attackers are targeting users with different families of ransomware, such as Samas, Petya and Locky (Windows), Linux.Encoder (Linux), LockDroid (Android) and KeRanger (Mac OS X). According to Microsoft security researchers, criminals are now using a new ransomware called ZCryptor. It can infect removable devices, and an infected device can then lead to the encryption of data on the systems it is connected to. The attackers use several methods to spread it: spam emails, fake installer requests and malicious voice emails.

 

How does it work?

ZCryptor is a hard-coded ransomware. It can hide itself behind important program files on the system. It drops a file named “autorun.inf” in the file system of removable devices. This “autorun.inf” is a malicious file that can infect every system the drive is plugged into. It can also infect network devices. Win32/ZCryptor.A may change its functionality and attributes by dropping malicious files that show up in File Explorer. The ransomware targets systems running Windows 7, Windows 8 and Windows XP. ZCryptor can also create a registry entry for itself so that it runs at boot time and infects removable devices.

 


 

Files Used by ZCryptor Ransomware

  • zycrypt.lnk (Startup Folder)
  • {Drive}:\system.exe (Hidden File)
  • %appdata%\zcrypt.exe (Hidden File)

 

Fingerprints of ZCryptor Ransomware

This ransomware encrypts files and changes their extension to ".zcrypt". It also creates a mutex named zcrypt1.0 on infected devices so that it can recognize them later. It uses command and control servers to send information. The authors of this ransomware are professional hackers, which is why the server files were disabled when researchers scanned the server. The attackers demand 1.2 Bitcoins from victims for the decryption key. If the victim does not pay within four days, the price of the decryption key may rise to 4 Bitcoins.
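
The file names and the ".zcrypt" extension listed above can be turned into a check of a mounted removable drive or a copied user profile. The following is an added example, not code from the original article or from Microsoft's analysis; the function names, the choice of the `open` and `shellexecute` autorun keys, and the sample tree built in `demo()` are constructed for illustration.

```python
import configparser
import tempfile
from pathlib import Path

ROOT_FILES = {"autorun.inf", "system.exe"}     # article: dropped at the drive root
PROFILE_FILES = {"zcrypt.exe", "zycrypt.lnk"}  # article: %appdata% / Startup folder
ENCRYPTED_EXT = ".zcrypt"                      # article: extension of encrypted files


def autorun_targets(inf_path):
    """Return the programs an autorun.inf asks Windows to launch."""
    parser = configparser.ConfigParser(strict=False, interpolation=None)
    try:
        parser.read_string(Path(inf_path).read_text(errors="replace"))
    except configparser.Error:
        return []  # malformed file: the caller still reports its presence
    for section in parser.sections():
        if section.lower() == "autorun":  # section names are case-insensitive
            return [parser[section][k] for k in ("open", "shellexecute")
                    if k in parser[section]]
    return []


def scan(root):
    """Walk `root` (a mounted drive or a profile copy) and list indicator hits."""
    root = Path(root)
    hits = []
    for path in sorted(root.rglob("*")):
        if not path.is_file():
            continue
        name = path.name.lower()
        rel = path.relative_to(root).as_posix()
        if path.parent == root and name in ROOT_FILES:
            hits.append(("root-file", rel))
            if name == "autorun.inf":
                hits += [("autorun-target", t) for t in autorun_targets(path)]
        elif name in PROFILE_FILES:
            hits.append(("dropped-file", rel))
        elif path.suffix.lower() == ENCRYPTED_EXT:
            hits.append(("encrypted-file", rel))
    return hits


def demo():
    """Build a constructed sample tree of harmless text files and scan it."""
    with tempfile.TemporaryDirectory() as d:
        drive = Path(d)
        (drive / "autorun.inf").write_text("[AutoRun]\nopen=system.exe\n")
        (drive / "system.exe").write_text("placeholder, not a real binary")
        (drive / "docs").mkdir()
        (drive / "docs" / "report.docx.zcrypt").write_text("x")
        (drive / "docs" / "notes.txt").write_text("clean")
        return scan(drive)
```

A hit on a file name alone is only a lead, since a legitimate autorun.inf can exist on installation media; the zcrypt1.0 mutex mentioned above lives in memory and is outside what a file scan can see.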

 
