New Ransomware may be Posting Your Location Data Online

Wednesday it was reported that a new strain of ransomware, “Cry” and “CryLocker” has been found. What this new strain does is that it takes your location data from Google Maps, and pastes the image onto the site Imgur.

Most ransomware simply sends the victims information directly to the hackers Command and Control servers. CryLocker users PNG, Portable Network Graphic image files to document the victim’s information. Security researchers said that it is likely that the controllers of such a ransomware, are deploying this to help hide their location and identities.

If the photo will not upload to Imgur, CryLocker attempts to upload to other sites, such as paste.org. If both sites fail, the information is relayed directly to the same 4096 IP addresses using UDP port 4444. Researchers also stated that hackers are using UDP protocol to hide their Command and Control servers even better.

Among the information taken, included is the targets Wi-Fi point, keyboard layout, and system language. CryLocker has been programed not to activate if it detects languages from Russia and one other country from the Commonwealth of Independent States.

Ransomware, as well as cyber-attacks seem to be big business in 2016. It also seems like they are evolving to combat against tactics of law enforcement, as well as various government agencies.

Big business aren’t the only ones that need to watch their online backs. With hackers coming out recently, proclaiming they have hacked a subsidiary of the U.S. government’s NSA, as well as the recent leak of NSA tools to the dark web markets. The recent U.S. Democratic committee hack, supposedly done by Russian state hackers, has been taking up headlines recently.

These hacks on government, and big name companies are increasing every day. One thing is for sure, cyber criminals and their technology is ever growing, ever changing, and a real challenge for law enforcement to keep up with.

“Some of the recent cases that come across our desks involve some of the most sophisticated cyber attacking tools we have ever seen. I’m talking about stuff that even surpasses our technology. We aren’t given the means to consistently upgrade, and grow our technology to combat this threat,” an FBI spokesperson said.

If you liked this article follow us on Twitter @themerklenews and make sure to subscribe to our newsletter to receive the latest bitcoin and altcoin price analysis and the latest cryptocurrency news.

Source:http://themerkle.com/new-ransomware-may-be-posting-your-location-data-online/

Print Friendly

Leave a Reply