Ransomware is one of the uglier threats that security professionals have to deal with. Unfortunately there’s a new version in the wild.
Security vendor Avast reported Tuesday that the Reveton ransomware that for a while has locked up infected PCs until a payment is made has been upgraded into a powerful password and credential stealer. It’s authors have done it by adding the latest version of the Pony Stealer malware.
It makes turns a computer into a botnet client, Avast noted in a blog. The most common infection is through well-known exploit kits like FiestaEK, NuclearEK, SweetOrangeEK and others.
“Reveton use one of the best password/credentials stealer on the malware scene today,” says Avast. “Pony authors conduct deep reverse engineering work which results in almost every password decrypted to plain text form. The malware can crack or decrypt quite complex passwords stored in various forms.
“The stealer includes 17 main modules like OS credentials, FTP clients, browsers, email clients, instant messaging clients, online poker clients, etc and over 140 submodules.”