A new strain of ransomware called “Cry” or “Cry Locker” encrypts data with its .cryextension harvesting your location data from Google Maps and pasting it as an image onto imgur.com.
Security researchers say that one of the reasons hackers are using these tactics is to hide their location and identities. It is another step in their smoke-and-mirrors strategy in case they have to change their C&C IP addresses. A PNG file containing the victim’s information is uploaded to an Imgur account each time a new victim is infected. This image gets a unique file name and is broadcast to the 4096 IP addresses it uses (hidden among these IPs is the real C&C server). This way a record of the victim will always be accessible.
To protect your website against ransomware, we recommend software security products like those offered by Trust Guard, the leader in website security and verification. If your website has an instance of Google Maps on your website, hackers won’t be able to access it. Trust Guard can monitor your site for ransomware and 75,000 vulnerabilities used by hackers to access your website.
Read the full article here: