January 9, 2017 By Mark Samuels

FireCrypt ransomware added new levels of functionality to existing techniques, posing a fresh threat to individual technology users and businesses alike.

Researchers at MalwareHunterTeam first identified the ransomware, SecurityWeek reported. The team found that the ransomware relies on familiar processes in addition to new distributed denial-of-service (DDoS) functionality to create an additional menace.

This extension of existing ransomware capabilities demonstrates how cybercriminals continue to search for new ways to broaden online threats. Senior executives must take note and continue to monitor the approaches of malware authors.

FireCrypt Ransomware Adds DDoS Twist

BleepingComputer reported that the ransomware uses familiar infection and encryption techniques and deploys a typical ransom demand. The ransomware’s executable (.exe) is disguised as an existing file such as a photo or document to trick users into launching it. Once launched, the malware encrypts the information held on the victim’s device and displays a ransom note on the desktop screen. The malware currently demands $500 in bitcoins, according to the International Business Times.

The key difference between FireCrypt ransomware and other malware is that its damage extends to DDoS techniques. After the ransom note is delivered, the ransomware launches a function that fills the user’s temporary folder with junk files.

Cryptic Connections

While the identity of FireCrypt’s creators remains unknown, MalwareHunterTeam noted clear connections to the Deadly for a Good Purpose ransomware, which was discovered in October 2016, BleepingComputer reported. Both types use the same email and bitcoin addresses for ransom payment details, for example.

Ransomware can have serious ramifications for users and businesses, both in terms of data loss and financial cost. Cybersecurity firm Herjavec Group recently suggested the total cost of damages associated with unlocking ransomware could hit $1 billion by the end of 2016, according to ZDNet.

There is currently no technique for recovering files encrypted by FireCrypt ransomware. Victims should keep a copy of their files in case a decryption tool is released in the future.

Reducing Ransomware Risk

Chief information security officers (CISOs) and other senior executives should be aware of the ever-growing risk of ransomware. Herjavec Group expects ransom payments to continue to grow during the next five years and further predicts the annual cost of global cybercrime to reach $6 trillion by 2021.

The potential implications for businesses are manifold, including destruction of data, loss of intellectual property and significant financial damages, both in terms of cash and reputational harm.

CISOs must ensure their IT teams are aware of the ransomware risk. A single attack can cost businesses as much as $99,000, according to the Kaspersky Lab report “The Cost of Cryptomalware: SMBs at Gunpoint.” IT oversights, including bad administration, missing backups and unpatched software, increase the risk of damage.
