
Hostwinds Blog



Icepol Malware Infects Thousands in 3 Countries

by: Bryon Turcotte  /  February 3, 2014

Romanian security authorities have announced the appearance of new malicious software that first claims to be a law enforcement agency, then accuses those infected of "_software piracy_" and the downloading of "_illegal porn_," according to an article published by the Sydney Morning Herald. The article indicates that the "_Icepol_" trojan is responsible for sending accusatory messages to its victims before locking the victim's computer, then demanding "_payment to unlock it_."

The report indicates that Icepol – which originated in Romania – infected approximately "_267,000 computers in the US, Germany, and Australia_" and was directly responsible for approximately "_148,000 scam transactions in just five months_" and "_was distributed in 25 languages_." According to the article, security experts determined that the attacking servers were "_organized in a pyramid scheme where a number of affiliates were connected to a central (command and control) server responsible for delivering the malware._"

Catalin Cosoi, the chief security strategist for security vendor Bitdefender, said, according to the article, that "_the scam revealed a larger malware distribution system_" and that "_the criminal underworld has developed supply-chain networks that work much in the same way as more traditional criminal enterprises – even down to money-making referral and syndication schemes._" The article indicated that security authorities closed in on the "_Romanian-based unit_" as it communicated "_with a central server in The Netherlands before it was moved to Germany_."

A senior security analyst at the Australian Institute of Criminology, Raymond Choo, was also quoted in the article as saying, "_[A big threat] to cyber-security is the asymmetrical nature of cyberspace that can be leveraged by smaller or less technologically advanced countries to launch [attacks] by buying or renting the services and skills of cybercriminals._" The article states that many security experts agree with the concept of a "_'darknet' – the seamy online underbelly used to produce and swap everything from bomb recipes to child pornography_" and say that this concept applies to "_hacking communities_" that allow "_organized hacking groups to join, collaborate and disperse._"

Read more in the full article at the Sydney Morning Herald about this new malware and the current views from security experts regarding cybercrime, hacking, and those organized groups who are involved in these types of attacks.
