During the WANNACRY attack in May 2017 we reported on the surge of another Ransomware attack, JAFF. Like its partner in crime, JAFF seizes its victim’s computer or data storage and demands a ransom to be paid for the encryption key that allows the victim to unlock the data. No harm, no foul, right? Wong! According to Andra Zaharia of Heimdal Security, JAFF adds salt to the wound by downloading the victims sensitive data, such as credit card information, banking data, and other private information. The stolen treasures are exposed to Dark Web marketplaces for sale.
Andra comments: “By following the trail and digging deeper into cyber criminal infrastructure, researchers discovered the web shop that provides access to tens of thousands of compromised bank accounts, complete with details about their balance, location and attached email address. Malicious hackers can use Bitcoins to purchase stolen credit cards, some of which have already been verified, and compromised accounts on Paypal, Amazon, eBay and many more.”
JAFF is delivered through an email phishing attack. The recipient is prompted to open a PDF attachement, causing the ransomware to execute and encrypt the victims data. The best defense against these type of attacks is a strong Cyber Risk Management Program that includes comprehensive awareness training for empoyees.
Please contact us for more information!