At iSIGHT Partners we are constantly monitoring the cyber crime underground and tracking new vulnerabilities and their exploitation for our clients. Our cyber threat intelligence services were built over the past 7 years on a well-oiled process and technology platform based on a formal intelligence lifecycle. As part of our services to our ThreatScape clients, we offer access to our analyst teams for inquiry and clarification on our findings (a service called Analyst Access) as well reverse engineering and analysis of malware samples to aide our clients in their own research processes (a service called Global Response).
Through a combination of our own research as well as client inquiry, we recently analyzed a malware sample from an active phishing campaign. Interestingly, the malware is a new strain of ransomware that uses components of CryptoLocker and CryptoWall but with completely different code from these other two ransomware families. We have dubbed this new strain ‘TorrentLocker’ for reasons that will become obvious in the analysis below.
- See more at: http://www.isightpartners.com/2014/08/analysis-torrentlocker-new-strain-malware-using-components-cryptolocker-cryptowall/#sthash.d4Quk3IC.dpuf
Through a combination of our own research as well as client inquiry, we recently analyzed a malware sample from an active phishing campaign. Interestingly, the malware is a new strain of ransomware that uses components of CryptoLocker and CryptoWall but with completely different code from these other two ransomware families. We have dubbed this new strain ‘TorrentLocker’ for reasons that will become obvious in the analysis below.
- See more at: http://www.isightpartners.com/2014/08/analysis-torrentlocker-new-strain-malware-using-components-cryptolocker-cryptowall/#sthash.d4Quk3IC.dpuf