NewsJanuary 9, 2017 @ 2:30 PM

Added DDoS Threat Makes FireCrypt Ransomware a Menace Worth Watching

FireCrypt ransomware added new levels of functionality to existing techniques, posing a fresh threat to individual technology users and businesses alike.

Researchers at MalwareHunterTeam first identified the ransomware, SecurityWeek reported. The team found that the ransomware relies on familiar processes in addition to new distributed denial-of-service (DDoS) functionality to create an additional menace.

This extension of existing ransomware capabilities demonstrates how cybercriminals continue to search for new ways to broaden online threats. Senior executives must take note and continue to monitor the approaches of malware authors.

FireCrypt Ransomware Adds DDoS Twist

BleepingComputer reported that the ransomware uses familiar infection and encryption techniques and deploys a typical ransom demand. The ransomware disguises itself as an executable (.exe) in an existing file such as a photo or document to trick users into launching the malware. Once launched, the malware encrypts the information held on the victim’s device and displays a ransom note on the desktop screen. The malware currently demands $500 in bitcoins, according to the International Business Times.

The key difference between FireCrypt ransomware and other malware is that its damage extends to DDoS techniques. After the ransom note is delivered, the ransomware source code launches a function that fills the user’s temporary folder with junk files.

Cryptic Connections

While the identity of FireCrypt’s creators remains unknown, MalwareHunterTeam noted clear connections to the Deadly for a Good Purpose ransomware, which was discovered in October 2016, BleepingComputer reported. Both types use the same email and bitcoin addresses for ransom payment details, for example.

Ransomware can have serious ramifications for users and businesses, both in terms of data loss and financial cost. Cybersecurity firm Herjavec Group recently suggested the total cost of damages associated with unlocking ransomware could hit $1 billion by the end of 2016, according to ZDNet.

There is currently no technique for recovering files encrypted by FireCrypt ransomware. Victims should keep a copy of their files in case a decryption tool is released in the future.

Reducing Ransomware Risk

Chief information security officers (CISOs) and other senior executives should be aware of the ever-growing risk of ransomware. Herjavec Group expects ransom payments to continue to grow during the next five years and further predicts the annual cost of global cybercrime to reach $6 trillion by 2021.

The potential implications for businesses are manifold, including destruction of data, loss of intellectual property and significant financial damages, both in terms of cash and reputational harm.

CISOs must ensure their IT teams are aware of the ransomware risk. A single attack can cost businesses as much as $99,000, according to the Kaspersky Lab report “The Cost of Cryptomalware: SMBs at Gunpoint.” IT oversights, including bad administration, missing backups and unpatched software, increase the risk of damage.

Share this Article:
Mark Samuels

Tech Journalist

Mark Samuels is an experienced business technology journalist with an outstanding track record in research. He specializes in the role of chief information officers (CIOs) and is adept at helping executives understand the business benefits of complex technologies. Key areas of interest include innovation, digital transformation, cloud computing, mobility, information security, ecommerce and big data. Mark has written articles for national newspapers, including The Guardian, The Times and The Sunday Times. He has also produced features and columns for a range of IT trade publications, such as Computer Weekly, ZDNet, Tech Republic, IT Pro, Channel Pro, CBR and The Register.