Contactez-nous Suivez-nous sur Twitter En francais English Language

De la Théorie à la pratique

Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN



Bromium Research: New CryptoLocker Variant - First crypto-ransomware to target video games

March 2015 by Bromium Research

Gamers may be used to paying to unlock downloadable content in their favourite games, but Bromium security researcher, Vadim Kotov, has discovered a new crypto-ransomware variant which aims to make gamers pay to unlock what they already own!

Data files for more than 20 games can be affected by the threat, increasing what is already a large target for cybercriminals. This CryptoLocker variant has been getting distributed from a compromised website that was redirecting the visitors to the Angler exploit kit by using a Flash clip. Bromium notified the owner of the web site, but they haven’t responded. At the time of compliling this research, the website was still serving malware. The website is based on WordPress and could have been compromised by any one of the numerous WP exploits. Additionally, the URL where the malicious Flash file is hosted keeps changing.

Attackers used an unconventional way of redirecting the users. Instead of a typical iframe (or an iframe dynamically generated by javascript) they used a Flash clip wrapped in an invisible

tag. Perhaps attackers believed this would help them to evade detection longer?

See previous articles


See next articles