Coming on the heels of CryptoLocker and CryptoDefense, a third ransomware variant called CryptorBit holds encrypted files for ransom in exchange for $500 in Bitcoins, according to a blog post by Stu Sjouwerman, the founder of web-based security awareness training company KnowBe4, LLC.
Using social engineering to convince users to install it through a fake Flash update or via a rogue anti-virus product, CryptorBit corrupts the first 512 or 1024 bytes of any data file regardless of its extension.
The ransomware seems to bypass Group Policy settings meant to protect against such infections. Cyber criminals are installing cryptocoin miner software to mine digital coins and deposit them in their digital wallets.
CryptorBit was released last December “and after debugging their criminal infrastructure, attacks are now increasing,” wrote Sjouwerman. “Users can't rely on antivirus since it catches less than 50 percent.”
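Because the damage described above is confined to the first 512 or 1024 bytes of each file, it shows up on disk as a leading signature that no longer matches the file's extension. The following triage sweep is an added example, not code from the article or from KnowBe4; the signature table, function names and sample files are constructed for illustration.

```python
import os
import tempfile

# Well-known leading signatures for a few common data formats (illustrative subset).
MAGIC = {
    ".pdf": [b"%PDF-"],
    ".png": [b"\x89PNG\r\n\x1a\n"],
    ".jpg": [b"\xff\xd8\xff"],
    ".jpeg": [b"\xff\xd8\xff"],
    ".zip": [b"PK\x03\x04"],
    ".docx": [b"PK\x03\x04"],
    ".xlsx": [b"PK\x03\x04"],
    ".doc": [b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"],
    ".xls": [b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"],
}

def header_intact(path):
    """True/False for known types; None when the extension has no signature here."""
    sigs = MAGIC.get(os.path.splitext(path)[1].lower())
    if sigs is None:
        return None
    with open(path, "rb") as fh:
        head = fh.read(16)
    return any(head.startswith(s) for s in sigs)

def find_damaged(root):
    """Walk root; return sorted relative paths whose header no longer matches."""
    damaged = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            try:
                if header_intact(full) is False:
                    damaged.append(os.path.relpath(full, root))
            except OSError:
                continue  # unreadable file: skip it, do not abort the sweep
    return sorted(damaged)

def demo():
    """Constructed sample tree: two intact files, one overwritten header, one unknown type."""
    with tempfile.TemporaryDirectory() as root:
        samples = {
            "report.pdf": b"%PDF-1.4\n" + b"A" * 2000,
            "photo.png": b"\x89PNG\r\n\x1a\n" + b"B" * 2000,
            "budget.xlsx": bytes(range(256)) * 2 + b"C" * 2000,  # first 512 bytes clobbered
            "notes.txt": b"plain text has no signature to check",
        }
        for name, data in samples.items():
            with open(os.path.join(root, name), "wb") as fh:
                fh.write(data)
        return find_damaged(root)
```

Files without a fixed signature, such as plain text, are skipped rather than flagged, so a clean result from this sweep does not show that they are undamaged.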