Ransomware distributor takedown

Note that Level 3 Communications aided in this.

https://www.yahoo.com/tech/s/cisco-security-r ... 1--finance.html

Cisco security researchers disable big distributor of "ransomware"

By Joseph Menn
SAN FRANCISCO (Reuters) - Cisco Systems Inc said it had managed to disrupt the spread of one of the most pernicious systems for infecting Internet users with malicious software such as so-called ransomware, which demands payment for decrypting users' data.
The investigators from Cisco's Talos security unit were looking at the Angler Exploit Kit, which analysts at several companies say has been the most effective of several kits at capturing control of personal computers in the past year, infecting up to 40 percent of those it targeted.
They found that about half of computers infected with Angler were connecting to servers at a hosting provider in Dallas, which had been hired by criminals with stolen credit cards. The provider, Limestone Networks, pulled the plug on the servers and turned over data that helped show how Angler worked.
The research effort, aided by carrier Level 3 Communications, allowed Cisco to copy the authentication protocols the Angler criminals use to interact with their prey. Knowing these protocols will allow security companies to cut off infected computers.
"It's going to be really damaging to the attacker's network," Telos manager Craig Williams told Reuters ahead of the release of the report.
Cisco said that since Limestone pulled the plug on the servers, new Angler infections had fallen off dramatically.
Limestone's client relations manager told Reuters his company had unwittingly helped the spread of Angler before the Cisco investigation.
Often sold in clandestine Internet forums or in one-to-one deals, exploit kits combine many small programs that take advantage of flaws in Web browsers and other common pieces of software. Buyers of those kits must also arrange a way to reach their targets, typically by sending spoof emails, hacking into websites or distributing malicious advertisements.
Once they win control of a target's computer, exploit kit buyers can install whatever they want, including so-called ransomware. This includes a number of branded programs, also sold online, that encrypt users' computer files and demand payment to release them.
Telos estimated that if three percent of infected users paid the ransom averaging $300, the criminals that had used the Limestone servers to spread Angler could have made about $30 million a year.
(Editing by Miral Fahmy

As mentioned so often, the best antivirus software in the world will not protect the person who goes "I wonder what will happen if I click on this link". If you're using a Windows OS. Keep it, & your software up to date. Do not store sensitive files on your computer. Have an external hard drive for shadow copy backups. Make a rescue disk (You did do that didn't you?). Think first - click later (or never). I did want to put this in: READ what you are agreeing to when you download & go to install free apps or freeware computer programs.
Here is a GREAT read on that topic:
http://www.howtogeek.com/198622/heres-what-ha ... nload.com-apps/

Thanks for that link - some good stuff there.  The parts where the author installs crapware to see what happens are especially interesting.  Not often someone is willing to risk a computer like that!