Skip to main content

The Ransomware Evolution

By December 1, 2016February 22nd, 2017Blog

Ransomware attacks have been on the rise the past few years, which has lead to the various strains evolving quickly in order to successfully stay ahead of cyber security experts. A new malware has presented itself recently and it has the ability to encrypt the machine’s hard drive instead of encrypting individual files.

This malicious malware is called Mamba and has been discovered on machines in Brazil, the United States, and India. Morphus Labs, in Brazil, discovered the strain while responding to an infection in the energy sector. A research at Morphus Labs said that the most likely way the malware is being spread is through phishing emails. After the device has been infected, it’s able to overwrite the current Master Boot Record with its custom MBR and is then able to encrypt the hard drive.

Mamba is a Windows threat and prevents the affected computer’s operating system from booting up without the decryption key. Those who fall victim to the malware receive a ransom note requiring a Bitcoin per infected host in order to be given the decryption key.

Petya is another ransomware that targets at the disk level and was a serious game-changer because it was one of the first malware to encrypt more than just individual files. Emails were sent that had a link attached to a Dropbox file that installed the ransomware and encrypted the Master File Table in the background.

Mamba and Petya are strains of ransomware that many aren’t familiar with, making them even more threatening. With malware evolving so quickly and still being delivered via email it’s extremely important to make sure that your email security system defends against these and other malicious email threats.

Keeping these emails out of your inbox is exactly what our Opt-Inbox and Server Recon solutions are designed to do.