Security researchers have spotted a new variant of the TorrentLocker ransomware that has the ability to spread through shared documents on the infected computer. The variant is currently making its way through Denmark, and according to VirusTotal has been circulating almost undetected, with only 3/55 Anti-Virus software managing to spot the malware. Fraser Kyne, EMEA CTO at Bromium commented below.
Fraser Kyne, EMEA CTO at Bromium:
Users can’t be expected to act as the first line of defence, and spot every advanced threat that lands in their inbox. This is why we’re seeing a shift towards segmentation and isolation – the goal of which is to create a safe environment where the malware is contained, unable to escape, and therefore has no impact. Technology like CPU-enforced micro-virtualisation makes this a practical and sustainable way forwards; as you’re getting out of the ‘cat-and-mouse’ detection game. This isolation not only stops the malware from having any impact, but has the added benefit that analysis can be carried out in granular detail, in focused isolation, whilst the malware is running, with the intel gathered shared across the network.”
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.