Most of the variants revolve around the TeslaCrypt ransomware and borrowed from the Carberp Trojan in the way that it obscures code to evade detection, according to researchers at the firm.
The majority of infections are begin spread via phishing emails and target unprotected Windows systems, Mark Parker, senior product manager at iSheriff, told SCMagazine.com.
Parker said the sophisticated timing of the attacks appear to be “almost business savvy” because the attackers are counting on a lot of people having money during this time of year.
“The victims are generally busier this time of year, and due to end of year bonuses, the maturation of holiday savings bonds, and access to holiday savings accounts, users are more likely to have a little more cash on hand to pay the ransom,” Parker said.
In order to avoid infection, Parker recommended that users exercise good cyber hygiene by not opening attachments from unknown sources, and keep endpoint security versions and endpoint security signatures up to date. He also recommended that users back up their files to ensure they have copies of important data in the event they are infected.
Researchers at iSheriff said cryptographic malware has generated more than $60 million in revenue in one year as a result of victims choosing to pay the criminals to unlock files.