
Playing with FireCrypt: Ransomware encrypts files and conducts minor DDoS attack

While it holds your files hostage, the newly discovered ransomware FireCrypt also directs your computer to perform a poor man's distributed denial of service (DDoS) attack by continuously connecting to a specifically targeted URL and repeatedly downloading junk content into a temporary folder.

The presently targeted URL, which is hardcoded into FireCrypt's source code, belongs to the Pakistan Telecommunication Authority. However, it is unlikely that the ransomware is causing the agency's website much disruption: "The crook would have to infect thousands of victims before launching a DDoS attack large enough to cause any problems to the Authority's website," according to a BleepingComputer report on Wednesday.
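As an added example (not from the original article or the BleepingComputer report), here is one way a defender could spot the repeat-download behavior described above in web-proxy logs. The log format, the window and threshold values, the client addresses and the `target.example` URL are all assumptions constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

WINDOW = timedelta(seconds=60)  # assumed tuning value, adjust per environment
THRESHOLD = 20                  # assumed: GETs of one URL by one client inside WINDOW


def parse(line):
    """Parse 'ISO-timestamp client method url bytes' (constructed log format)."""
    ts, client, method, url, size = line.split()
    return datetime.fromisoformat(ts), client, method, url, int(size)


def find_repeat_fetchers(lines, window=WINDOW, threshold=THRESHOLD):
    """Return {(client, url): peak GET count in any window} for pairs reaching threshold."""
    recent = defaultdict(deque)  # (client, url) -> timestamps still inside the window
    peaks = {}
    for ts, client, method, url, _ in sorted(map(parse, lines)):
        if method != "GET":
            continue
        q = recent[(client, url)]
        q.append(ts)
        while ts - q[0] > window:  # drop requests that fell out of the window
            q.popleft()
        if len(q) >= threshold:
            peaks[(client, url)] = max(peaks.get((client, url), 0), len(q))
    return peaks


def sample_log():
    """Constructed traffic: one looping client, one polling client, one normal browser."""
    t0 = datetime(2017, 1, 5, 9, 0, 0)

    def row(offset, client, url, size):
        return f"{(t0 + timedelta(seconds=offset)).isoformat()} {client} GET {url} {size}"

    rows = [row(2 * i, "10.0.0.23", "http://target.example/", 48211) for i in range(90)]
    rows += [row(60 * i, "10.0.0.9", "http://intranet.example/status", 512) for i in range(10)]
    rows += [row(7 * i, "10.0.0.7", f"http://news.example/page{i}", 20480) for i in range(30)]
    return rows


if __name__ == "__main__":
    for (client, url), peak in find_repeat_fetchers(sample_log()).items():
        print(f"{client} fetched {url} {peak} times within {WINDOW.seconds}s")
```

A client that trips this check is worth isolating and examining for encrypted files, since the repeated downloads run alongside the encryption.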

Discovered by MalwareHunterTeam on Jan. 4, FireCrypt appears to be a rebranded version of a previously identified ransomware called Deadly for a Good Purpose. Featuring malicious executables disguised as PDFs and Word documents, the malware encrypts 20 different file types with an AES-256 algorithm. Based on the example provided in the report, the malware requests a ransom of $500 in Bitcoins.

A joint analysis conducted by MalwareHunterTeam and BleepingComputer determined that FireCrypt samples are developed with the aid of a ransomware building kit. According to the report, the malware author uses a command-line application called BleedGreen to automate the creation of FireCrypt samples and efficiently modify basic settings as needed.

New ransomware threats continue to emerge at an alarming rate, prompting the need for more effective solutions. According to a January 2017 report from research firm MarketsandMarkets, the ransomware protection market is expected to grow from $8.16 billion in 2016 to $17.36 billion by the year 2021.

Bradley Barth

As director of multimedia content strategy at CyberRisk Alliance, Bradley Barth develops content for online conferences, webcasts, podcasts and video/multimedia projects — often serving as moderator or host. For nearly six years, he wrote and reported for SC Media as deputy editor and, before that, senior reporter. He was previously a program executive with the tech-focused PR firm Voxus. Past journalistic experience includes stints as business editor at Executive Technology, a staff writer at New York Sportscene and a freelance journalist covering travel and entertainment. In his spare time, Bradley also writes screenplays.
