Knowledgeable consumers like the anonymous Tor (the Onion Router) network because it gives them a sense of security against Internet traffic analysis. However, IT professionals hate it for the same reason, because they know it’s a great weapon for cyber-criminals.
According to a report in Australian Reseller News, Kaspersky Labs has discovered a new strain of Tor-based malware that is hard to track, encrypts user data and then demands ransom for decryption.
This new malware, which uses a countdown mechanism to scare victims into paying for decryption in Bitcoins, is described by Kaspersky as the potential successor to Cryptolocker, according to the report. Users affected by the ransomware are warned to pay up within a 72-hour deadline or all the files will be lost forever.
Kaspersky says the new ransomware, dubbed “the Onion,” has a communications architecture similar to banking malware families such as the Tor-enhanced 64-bit ZeuS.
“Hiding the command and control servers in an anonymous Tor network complicates the search for the cybercriminals,” the researcher told the news site. “The use of an unorthodox cryptographic scheme makes file decryption impossible, even if traffic is intercepted between the Trojan and the server.”
In one way it’s an acknowledgement of how effective Tor is. It also means more grief for CSOs.