Following the news that TorrentLocke, a ransomware variant which has been relatively inactive for almost two years, is back, and this time it’s stealing user credentials from victims in addition to demanding a ransom to unencrypt locked files, Alex Mathews, Lead Security Evangelist at Positive Technologies commented below.

Alex Mathews, Lead Security Evangelist at Positive Technologies:

Alex Mathews“This new version of Cryptolocker shows the old problem of antivirus products: even a small modification of an old trojan code may lead to an epidemy since many well known antiviruses don’t recogize this new malicious code for many days before their signatures are updated. To protect your business from this kind of “mutating” threats, you’d better use multi-engine antivirus platform which can scan your emails by several different antiviruses (PT Multiscanner, for example). Another good idea is to use security systems with dynamic analysis tools (sandbox) that can execute a suspicious file in a protected environment to detect its malicious behavior: credentials’ retrieval or attempts to encrypt some data would be spotted easily by such a sandbox.”

Experts Comments

Stay Tuned! Our Information Security Experts Community is responding .....

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.