Bitcoin has a new and potentially considerable threat to its reputation, if California cybersecurity firm Proofpoint is correct. Last week, the company warned that CryptXXX, a previously undocumented ransomware sample it had found, does more than encrypt files locally and on all mounted drives: “it’s stealing Bitcoins and a large range of other data.”
Not only is CryptXXX a multi-purpose thief, but the company’s analysis shows it spreads in new and powerful ways: through a common trojan called Bedep, after infection via the extremely popular Angler exploit kit.
First appearing in late 2013, Angler is now “the number one exploit kit by volume,” Proofpoint asserted, “making the potential impact of new ransomware in the hands of experienced actors with access to this vector quite significant.” Angler became the most popular exploit kit in the second quarter of 2015, overtaking the ‘Nuclear’ exploit kit, according to global IT security company Trend Micro.
“Angler dominated as the king of exploit kits throughout 2015. The reason behind this is Angler’s design, which makes it easier to integrate the kit into cybercriminal operations and campaigns like Pawn Storm.”