CryptoFortress mimics TorrentLocker but is a different ransomware
ESET assess the differences between CryptoFortress and TorrentLocker: two very different strains of ransomware.
Education:Software Engineering student at École de Technologie supérieure
Highlights of your career? Winning the first Péter Szőr award for our research on Operation Windigo.
Position and history at ESET? Malware Researcher since January 2012
What malware do you hate the most? Malware that steals money or destroys documents
Favorite activities? Photography, Cycling, Playing the clarinet
When did you get your first computer and what kind was it? I remember playing with the TI-99 of my grandfather, but this first one I broke was his 486SX by editing the config.sys file incorrectly.
Favorite computer game/activity? CTF competitions
ESET assess the differences between CryptoFortress and TorrentLocker: two very different strains of ransomware.Marc-Etienne M.Léveillé
Today, we are publishing research on ransomware that emerged in 2014. We have posted blog articles about this threat before, to raise awareness when we realized the criminals were targeting the United Kingdom and Spain.Marc-Etienne M.Léveillé
Three weeks ago, iSIGHT Partners discovered a new Ransomware encrypting victims’ documents. They dubbed this new threat TorrentLocker. TorrentLocker propagates via spam messages containing a link to a phishing page where the user is asked to download and execute “package tracking information”. In August, only Australians were targeted with fake Australian Post package-tracking page. WhileMarc-Etienne M.Léveillé
In this blog post, we provide an in-depth analysis of Linux/Ebury - the most sophisticated Linux backdoor ever seen by our researchers. It is built to steal OpenSSH credentials and maintain access to a compromised server.Marc-Etienne M.Léveillé
We think that there could be rootkits targeting the OS X platform, but we have very limited visibility into that threat right now. We know that we don’t know. Today, ESET is releasing a simple tool to detect rootkits on OS X.Marc-Etienne M.Léveillé
Some 400 web servers found infected with Linux/Cdorked.A. including 50 in Alexa’s top 100,000 websites. And this backdoor has been applied to Lighttpd and nginx binaries in addition to Apache.Marc-Etienne M.Léveillé