Worrisome Locky Ransomware Variant Zepto is Making The Rounds

There is a new form of Bitcoin ransomware on the block, going by the name of Zepto. At its core, this is a different variant of the Locky malware, which has been making the rounds for quite some time now. Security researchers detected a spike in the distribution of this new ransomware. As one would expect, Internet criminals are using spam emails to distribute this payload.

Bitcoin ransomware has proven to be a very lucrative business, assuming one can distribute the malware on a large scale. Spam emails are a preferred method of distribution, as they allow criminals to reach a lot of potential targets with little effort. Security researchers detected a spike in Zepto distribution as of June 27.

Zepto Ransomware Arrives On The Scene

What makes Zepto so interesting is how many similarities it shares with Locky. The latter has been causing a lot of headaches for individuals and enterprises around the world. While there are obvious similarities between the two strains, there is something different about Zepto. Security researchers are trying to figure out how to classify this new type of malware.

On June 27, over 137,000 spam messages were sent out, all of which contained the Zepto payload. Malicious email attachments are an effective way to distribute malicious code. Even though there have been plenty of warnings about downloading email attachments, the potential for infection remains very high.

Specific aspects of this ransomware make it appear very similar to Locky. Both use the same type of RSA encryption keys, leave similar file types behind, and display nearly identical ransom text. Despite these similarities, the new ransomware is far from ineffective.

Cisco Talos Sr Technical Leader Craig Williams explained the threat as follows:

“If Zepto sticks with this attack vector it may never become a serious threat. However, it’s very likely Zepto moves into exploit kits as time goes on. A move by Zepto to malvertising, for example, could get bad very fast.”

Ransomware developers have stepped up their game in recent months by continuously improving their malicious software. Security researchers are concerned Zepto has the potential to infect thousands of users in the coming weeks. So far, over 3,300 unique samples of the malware have been identified, which is a rather staggering number.

Source: Cisco Talos

Images courtesy of Shutterstock, Cisco Talos

Jp Buntinx

JP Buntinx is a freelance Bitcoin writer and Bitcoin journalist for various digital currency news outlets around the world. In other notes, Jean-Pierre is an active member of the Belgian Bitcoin Association, and occasionally attends various Bitcoin Meetups in Ghent and Brussels.

  • J$

    Someone should look into shutting down Bitcoin since it’s providing hackers a way to be paid a ransom without being traced. Bitcom coins are so expensive! Zepto has my computer hostage and I can’t even pay them if I wanted to. They want too much coin (dollars). If the hackers didn’t have Bitcoin what other methods could they use to demand money?

  • facepalmfrank

    Lol. Perhaps you should start giving a !%/+ about infosec.

    Bitcoin is unstoppable and a net positive for humanity.

    Ransomware is not negative either as it teaches the importance of proper backups and information security for the masses.

  • J$

    Wow, you sound like you’re supportive of hacking and criminal behavior. Regardless of how priceless my documents and pictures may be I should not have to pay to still have access to them. It may teach someone to make timely backups of their documents but if there is a system being used to enable these hackers then that process should be cracked down.

    Even if bitcoin was allowed to stay open in business they should be able to track where the money is being sent. It’s not that hard to do and should be done.

  • Erik Cartman

    In decades past, criminals used to demand ransoms in the form of a duffel bag full of unmarked bills. Your comment is like saying “we should just burn up all the money, that way criminals can’t be paid their ransoms”.

  • facepalmfrank

    You seem to be one of those people who cannot accept their own faults and errors and desperately try to find something to point fingers at instead of acknowledging their own stupidity and ignorance.

    If not because of ransomware, you could have lost your files due to hardware failure…in case of the ransomware at least you have a chance to recover them.

    Instead of blaming others you could try learning about basic information security.

  • Live your life

    I already know I made a mistake! But I shouldn’t have to pay anyone just because they know how to hack. I’ll just have to wait 3 months to a year for a person to figure out the decryption key.

  • Live your life

    Ok, let me kidnap your mother, father, daughter and or poodle and tell you to pay the ransom. I hope you cloned them because if you didn’t you’re [email protected]
    That’s what you sound like. Hackers are pussy ass bitches hiding behind a computer who dare not hold a gun to my head while demanding me to give money.

  • MTC

    Yeah right … blame the woman for getting raped!

  • RJF

    Same method they always used, and still use, prior to Bitcoin: Credit and Debit Cards. This stuff existed before Bitcoin became popular.