Subscribe / Unsubscribe Enewsletters | Login | Register

Pencil Banner

CyberLocker's success will fuel future copycats

John P. Mello Jr. | March 6, 2014
Nothing spurs malware development like success and that's likely to be the case in the coming months with ransomware.

In the past using encryption involved higher level skills that were more than most malware writers were capable of handling. "Now it's just a matter of doing a few system calls and you're good to go," Kujawa explained. "That has played a role in making things like CryptoLocker possible."

Another contributor to CryptoLocker's growth may be the coming of age of digital money. "One of the key ingredients that has factored into CryptoLocker has been Bitcoin because it provides the people involved with a way to quickly cash out with the money they're collecting without being caught," said Tom Cross, director of security research at Lancope, a network security company.

Up to now, the CryptoLocker gang has been able to keep their brand under tight wraps, but security experts see that changing in the future. One malware author has already started to gain notoriety with a ransom app called PowerLocker. While still a work in progress, PowerLocker promises to be even nastier than CryptoLocker.

What's more, the author is intent on selling PowerLocker's code to anyone with the deep pockets to buy it. If history is any indicator, that could result in a ransomware epidemic. "When the makers of Zeus" — a very malicious banking Trojan — "began selling it on the market, anyone with $10,000 could buy it and infections with Zeus exploded," said Bitdefender Senior E-Threat Analyst Bogdan Botezatu. "It's one of the top ten infections we see every day."

Kevin Bocek, vice president of product marketing, for Venafi, maker of a platform to protect digital keys and certificates, added, "Just like ZeuS and SpyEye, PowerLocker will give thousands of cybercriminals the ransomware tools available today to only a select group of criminals."

Those criminals have proven their acumen in software design, but that won't be the case in the next generation of ransomware artists. "You're not going to have to understand cryptography very well or implement malware that works well in order to engage in this kind of crime," explained Cross, of Lancope. "All you'll have to do is buy this software from somebody, set it up and run it."

"The barrier to entry will be very low," he continued, "and that's one of the reasons why I think we're going to see a lot of activity like this over the next couple of years."

PowerLocker's potential for malignancy, however, is just that: potential — potential that's still unproven. "We got an early copy of PowerLockeer, and it's a very primitive piece of malware," said Jarvis, of Secureworks. "If it shows up in the wild as it is, it would take a considerable amount of work to get it up to speed and even more work to get it up to the level of CryptoLocker."


Previous Page  1  2  3  4  Next Page 

Sign up for Computerworld eNewsletters.