This post is also available in: heעברית (Hebrew)

18947728_sMore and more cases of Filecoder attacks were detected, a malware which encrypts files and demands a ransom of 100-200 euros for their release.

According to ESET company reports more and more Filecoder malware attacks have been reported lately. The malicious code takes over files, encrypts them, and demands a sum of money before removing the encryption.

This report is based on data collected by ESET’s cloud monitoring system, ThreatSense.NET. According to the data collected by the system there has been a rise of over 200% lately in the number of Filcoder attacks in Europe and the United States.

Filecoder is a single member of an entire family of malware, and is considered especially dangerous and complex. The fact that there are so many versions of it adds to its risk factor. Filecoder usually encrypts images, documents, music and archive files.

iHLS – Israel Homeland Security

After the malware is installed on the computer and encrypts the files, the user is asked to pay 100-200 euros before the encryption is removed. There have been more serious cases, however, in which victims were asked to pay more than 3,000 euros – although in these cases the victims are usually relatively large organizations.

One of the latest versions of the malware attempts to exert even greater pressure on the user, and presents a countdown timer – calling for the payment to be made before the count reaches zero. If the money transfer isn’t made on time the encryption key is deleted, making decryption practically impossible.

In order to prevent these attacks users should regularly update their antivirus programs, protect their devices using robust passwords, and back up their data.