Defray Ransomware demands $5,000 from victims and asks them to backup their data
A new Ransomware strain named as Defray has set its target on health care, education, manufacturing and tech sectors of US and UK. The Defray has been customized to phish email to specific targets. The price for ransom is $5,000 in bitcoins from its victims.
The Defray first appeared on August 15 and it is being spread through Microsoft Word document attachments via the phishing emails. The first attacks used a malicious embedded OLE packager in Word document and sent to a hospital’ s IT director. Since then a string of attacks have taken place with authentic logos and letterheads attached to lure people into opening the email.
" The ransom note follows a recent trend of fairly high ransom demands in this case, $5000. However, the actors do provide email addresses so that victims can potentially negotiate a smaller ransom or ask questions, and even go so far as to recommend BitMessage as an alternative for receiving more timely responses. At the same time, they also recommend that organizations maintain offline backups to prevent future infections," Proofpoint researchers said in a blog.
The ransom note also had a message for the IT people who are likely to be tasked with dealing with this attack. The developers of the ransomware are particularly proud of themselves as the architecture of the ransomware cannot be unmade and different levels of encryption are used. It is primarily written in C++ and could pass several quality control tests.
The last note for users is to create a offline backup of your data until this issue has been resolved.
Comments ( 0 )
No comments available