TorrentLocker Ransomware Outbreak

May 19, 2016 7:08 am

Ransomware outbreak

We are aware that today there have been multiple instances of the TorrentLocker ransomware being spread on fake AFP websites.
There are in excess of 17 compromised websites redirecting traffic to the TorrentLocker landing page:
http:/ /tpmclubindia.org/FvnXcQ4PiN/9OXGszo.php
http:/ /jysproductions.com/CJcvbA4BZrN/Z6mxSoTg1lXnAj.php

The attackers are using well crafted landing pages such as:
http:/ /australianpolicenotice.net
http:/ /yourpack24finder.net

We advise our clients to:
•  Block access to known compromised or malicious landing pages through firewall restrictions
•  Ensure that malware and anti-virus protection is installed and that signature files are current
•  Do not enter Captcha codes to any infringement or trial case sites such as the example below

AFP0519

If you have any questions regarding how to protect your organisation against Ransomware, please call us on 1800 816 044.

Kelvin Heath
Chief Security Officer