Systems in the Netherlands are currently being hit hard by a new wave of crypto malware named “Trojan-Ransom.Win32.Dorifel”. Based on press reports as well as our own telemetry gathered through our Emsisoft Anti-Malware Network thousands of Dutch systems are already infected. The majority of them located in government, public sector or company networks.http://blog.emsisoft.com/2012/08/09/dor ... ic-sector/
Based on preliminary research “Dorifel” usually enters new networks and systems through the use of a different malware: “Citadel”. “Citadel” belongs to the family of financial malware and is closely related to the “Zeus” bot family. It comes to no surprise that this isn’t the first time that the “Citadel” bot net is used to infect systems with different malware. Just a few weeks ago at the beginning of July “Citadel” was used to infect tens of thousands of PCs with the “Reveton” ransomware.
https://www.virustotal.com/file/4db33e0 ... /analysis/
Fabian Wosar (Emsisoft) and Erik Loman (Surfright) developed a tool to decrypt this files.
http://blog.fox-it.com/2012/08/09/xdocc ... ing-virus/
You do not have the required permissions to view the files attached to this post.