Crysis attacks Latin American societies • El Nuevo Diario

ESET, a leading company in proactive threat detection, has detected a new ransomware campaign, Crysis, that is spreading throughout Latin America through malicious e-mails and is affecting companies in various markets.

Currently, Brazil (22%) appears as the most affected country, followed by Mexico (19%), Colombia (17%), Argentina (16%) and Peru (9%). ).

History [19659004] Crysis figured in the top 5 most detected ransomware in Latin America in 2017 and caused significant data loss to several companies in the region and around the world. Without being sufficient for the attackers, they decided to launch a new infection campaign composed of emails containing malicious attachments with the mission to infect the computer of the victim

Once the infected computer, the threat attempts to create registry keys and copied to four directories to ensure its persistence and thus perform the ransomware run at each startup of the operating system to be able to encrypt new files. After being copied, the malicious code will execute the command to delete the Windows backups.

The next step will be to encrypt all system files by adding an alphanumeric identifier to each and email to contact the attacker. Finally, Crysis creates a series of files to inform the victim that his files have been encrypted and what are the steps to retrieve the information.

Free

According to the latest edition of ESET Security Report 2017, ransomware is the number one business concern.

"ESET focuses on education and awareness as the main protection tools.As for ransomware, it is also essential to have a solution that protects the mail servers; E-mail is the main vector of infections.On the other hand, it is important to avoid publicly disclosing e-mail accounts, pay attention to the content of the messages received, maintain the operating system. and the updated software, and finally: back up the information are essential aspects, "said Camilo Gutiérrez, head of ESET Latin America's research laboratory.

In addition, ESET has an anti-transshipment kit. It is free and includes various educational and technological tools that can help prevent ransomware infections: https://secure.eset-la.com/kit-Antiransomware.