openPR Logo
Press release

KnowBe4 CyberAlert: Double-Barrel Ransomware and DDos Attack in-one

05-25-2016 12:26 PM CET | IT, New Media & Software

Press release from: KnowBe4

/ PR Agency: MRB Public Relations
KnowBe4 CyberAlert: Double-Barrel Ransomware and DDos Attack

(Tampa Bay, FL) May 24, 2016-- KnowBe4, issued an alert today on a malicious new trend in ransomware. Instead of "just" encrypting data files on a workstation (plus any network drive it can find) and locking the machine, a new variant of the Cerber ransomware is now adding a DDoS bot that can quietly blast spoofed network traffic at various IPs.
This is the first time DDoS malware has been bundled within a ransomware infection. It means that while the victim is unable to access their endpoint, that same endpoint is being used to deny service to another victim. Two attacks for the price of one (and two ways cybercriminals can make money off victims).
KnowBe4’s CEO Stu Sjouwerman noted, “Adding DDoS capabilities to ransomware is one of those "evil genius" ideas. Renting out DDoS botnets on the Dark Web is a very lucrative business, even if prices have gone down in recent years. It looks like this is the first case where a cybermafia has bundled ransomware with a DDoS bot, but you can expect it to become a fast-growing trend.”
Discovered by Invincea, who said in a website post: "The observed network traffic looks to be flooding the subnet with UDP packets over port 6892. By spoofing the source address, the host could direct all response traffic from the subnet to a targeted host, causing the host to be unresponsive."
The attackers use Visual Basic to launch a file-less attack, and most antivirus and “next-gen” antivirus vendors are completely blind to file-less attack methods. Consequently, they are unable to see this until it has been dropped on the disk. At that point scanners can find it, and many do, but often that's too late.
Sjouwerman advised, “The sample Invincea analyzed is being detected by 37 out of the 57 antivirus engines on VirusTotal, but the next sample will be invisible for a few days so do not count on your endpoint anti-malware layer 100%, as that will provide a false sense of security. The attachment relies on social engineering the employee to activate the Macro feature in Office, which then executes a malicious VBScript that downloads and runs the malware.”
The ransomware is executed first, which encrypts the user's data and then blocks their access to the computer by locking the screen. After this sequence, a second binary called 3311.tmp is launched into execution and starts sending a large amount of network traffic out of the infected computer.
Many people get infected with ransomware but some are able to restore from backup. By adding a DDoS bot to the ransomware payload, these cybercriminals create a two-for-one and can squeeze network traffic out of non-paying victims and use it as another criminal revenue stream.
KnowBe4 offers up eight ways to address it, in addition to weapons-grade backup:
1. “From here on out with any ransomware infection, wipe the machine and re-image from bare metal.
2. If you have no Secure Email Gateway (SEG), get one that does URL filtering and make sure it's tuned correctly.
3. Make sure your endpoints are patched religiously, OS and 3rd Party Apps.
4. Make sure your endpoints and web-gateway have next-gen, frequently updated (a few hours or shorter) security layers.
5. Identify users that handle sensitive information and enforce some form of higher-trust authentication (like 2FA).
6. Review your internal security Policies and Procedures, specifically related to financial transactions to prevent CEO Fraud.
7. Check your firewall configuration and make sure no criminal network traffic is allowed out.
8. Deploy new-school security awareness training, which includes social engineering via multiple channels, not just email. Since phishing has risen to become the #1 malware infection vector, and attacks are getting through company filters too often, getting users effective security awareness training which includes frequent simulated phishing attacks is a must. ”
For more information visit: www.knowbe4.com

About KnowBe4
KnowBe4 is the world’s most popular integrated Security Awareness Training and Simulated Phishing platform. Realizing that the human element of security was being seriously neglected, KnowBe4 was created by two of the best known names in cybersecurity, Kevin Mitnick (the World’s Most Famous Hacker), and Inc. 500 alum serial security entrepreneur Stu Sjouwerman, to help organizations manage the problem of social engineering tactics through new school security awareness training. The company maintains a top spot in the Cybersecurity 500, the definitive list of the world’s hottest and most innovative companies in cybersecurity. More than 4,000 organizations use KnowBe4’s platform to keep employees on their toes with security top of mind. KnowBe4 is used across all industries, including highly regulated fields such as finance, healthcare, energy, government and insurance.

CONTACTS: Michael Becce, MRB Public Relations, Inc.
mbecce@mrb-pr.com | (732) 758-1100 x104

Kathy Wattman, KnowBe4
kathyw@knowbe4.com | (727) 474-9950

MRB Public Relations, Inc.
2 East Main Street, 3rd Floor
Freehold, NJ 07728

This release was published on openPR.

Permanent link to this press release:

Copy
Please set a link in the press area of your homepage to this press release on openPR. openPR disclaims liability for any content contained in this release.

You can edit or delete your press release KnowBe4 CyberAlert: Double-Barrel Ransomware and DDos Attack in-one here

News-ID: 342375 • Views: 689

More Releases from KnowBe4

KnowBe4 Expands Team to Include Security Awareness Advocate
KnowBe4 hires Security Awareness Advocate in answer to growing demand and explosive growth. Tampa Bay, FL (August 30, 2016) -- KnowBe4, America’s most popular security awareness training and simulated phishing platform, has hired Security Awareness Training Advocate Erich Kron to support and expand its growing leadership position. Kron is a veteran information security professional with over 18 years’ experience in the medical, aerospace, manufacturing and defense fields and a well-versed speaker.
KnowBe4 Makes Security Awareness Training Available in 26 Languages
KnowBe4 combats the exploding threats of ransomware and CEO email fraud giving companies a global tool to manage risks associated with social engineering KnowBe4 Inc., the most popular integrated platform for security awareness training and simulated phishing tests, released its Kevin Mitnick Security Awareness Training in twenty-six language versions. The interactive, on-demand computer-based training covers high-risk topics and how to identify red flags such as the current ransomware epidemic, the W-2
KnowBe4 Has Explosive Year-Over-Year Growth of 454% for Q2 2016
Company sees demand accelerating for its integrated security awareness training and phishing platform (Tampa Bay, FL) July 5, 2016 --- KnowBe4, America’s most popular integrated security awareness training and phishing platform announced its explosive year over year growth of 454% for Q2 2016, with a record number of 655 new corporate accounts in June alone, rising to nearly 5,000 enterprise accounts combined with a very robust 86% customer retention rate.
KnowBe4 Releases Results of 2 Year Survey Showing Rising Concern over Ransomware
Security Awareness Training and Backup Deemed Most Effective to Combat Ransomware (Tampa Bay, FL) June 22, 2016 -- A new survey by KnowBe4, the US’s most popular security awareness training & integrated phishing platform shows the growing volume of ransomware victims despite increased efforts to prevent it. 1138 companies across a variety of industries participated. The study compares levels of concern over ransomware from 2014 to 2016 The results showed there is

All 5 Releases


More Releases for DDoS

DDoS Protection and Mitigation Market 2021 | Detailed Report
DDoS Protection and Mitigation Market Forecasts report provided to identify significant trends, drivers, influence factors in global and regions, agreements, new product launches and acquisitions, Analysis, market drivers, opportunities and challenges, risks in the market, cost and forecasts to 2027. Get Free Sample PDF (including full TOC, Tables and Figures) of DDoS Protection and Mitigation Market @ https://www.reportsnreports.com/contacts/requestsample.aspx?name=4240523 The report provides a comprehensive analysis of company profiles listed below: - F5 Networks -
Cloud DDoS Mitigation Software Market 2020-2026 | Imperva Cloud Application Secu …
This Cloud DDoS Mitigation Software market research is an intelligence report with meticulous efforts undertaken to study the right and valuable information. The data which has been looked upon is done considering both, the existing top players and the upcoming competitors. Business strategies of the key players and the new entering market industries are studied in detail. Cloud DDoS mitigation software is used to provide global protection against distributed denial
Distributed Denial-Of-Service (DDoS) Protection Market 2025: Exponential Rise in …
Researchmoz added Most up-to-date research on "Distributed Denial-Of-Service (DDoS) Protection Market 2025: Exponential Rise in End-User Applications to Denial-of-Service (DDoS) Growth" to its huge collection of research reports. The growth in Distributed Denial-of-Service (DDoS) threats due to increasing internet connectivity among a large number of devices ranging from mobile phone to IoT devices is expected to boost the Distributed Denial-of-Service Protection market growth. The first most visible Distributed Denial-of-Service attack was
Distributed Denial-Of-Service (DDoS) Protection Market: Exponential Rise in End- …
The global market for Distributed Denial-Of-Service (DDoS) Protection is likely to attain novel growth heights with fast transitioning end-user preferences. Burgeoning vegan population across regions is attributed to manifest favorably towards to the growth of report title as “Global Distributed Denial-Of-Service (DDoS) Protection Market Size, Status and Forecast 2019-2025” in foreseeable future. The fast expanding online repository of Market Research Hub (MRH) assesses recent market advances and their reciprocal implications
DDoS Protection Market - Competitors Conflict Scenario 2025
Global DDoS protection Market: Snapshot Distributed denial-of-service protection solutions help safeguard the endpoints from advanced and sophisticated DDoS attacks. For the last few years, there has been a rise in the demand for DDoS protection solutions and services from small and medium enterprises across industry verticals worldwide on account of the growing trend of bring your own device as well as increasing concentration of the Internet of Things technology. Other factors
DDoS Protection Market Favor the Growth by 2025
Global DDoS protection Market: Snapshot Distributed denial-of-service protection solutions help safeguard the endpoints from advanced and sophisticated DDoS attacks. For the last few years, there has been a rise in the demand for DDoS protection solutions and services from small and medium enterprises across industry verticals worldwide on account of the growing trend of bring your own device as well as increasing concentration of the Internet of Things technology. Other factors