Skip to main content
close search
site logo
Dive Brief

Cisco dismantles major ransomware distributor

Published Oct. 7, 2015
By
Contributing Editor
JacksonClerk

Dive Brief:

  • Cisco Systems said it has shut down a system found responsible for infecting thousands of Internet users with ransomware, Reuters reported.
  • The Angler Exploit Kit, which captures control of personal computers, has infected up to 40 percent of those it targeted in the past year.
  • Cisco discovered about half of computers infected with Angler were connecting to servers at a hosting provider in Dallas.

Dive Insight:

Since the hosting provider, Limestone Networks, pulled the plug on the servers and turned their data over to Cisco's Talos security unit, new Angler infections have dropped significantly.

Cisco copied the authentication protocols the Angler criminals use to interact with their victims. Knowing these protocols will allow security companies to cut off infected computers, the company said.

"It's going to be really damaging to the attacker's network," Cisco Telos manager Craig Williams said.

Telos estimated the criminals that had used the Limestone servers to spread Angler could have made about $30 million a year.

Recommended Reading

Filed Under: Security

Editors' picks

Company Announcements

View all | Post a press release
Graphiant’s Blakely Purtill Honored as a CRN® Channel Chief
From Graphiant
February 03, 2025
Retail’s First Store-Level Pricing Optimization and AI-Powered Pricing Assistant Announced by …
From Competera
January 28, 2025
Newgen Software reports Revenues from operations at Rs 1,057 cr in 9M FY’25, up 22% YoY, Profi…
From Newgen
January 22, 2025
Newgen Recognized as a ‘Leader’ in IDC MarketScape Reports for its Intelligent CCM and Automat…
From Newgen
January 29, 2025
Editors' picks
Latest in Security
Industry Dive is an Informa TechTarget business.
© 2025 TechTarget, Inc. or its subsidiaries. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell
This website is owned and operated by Informa TechTarget, part of a global network that informs, influences and connects the world's technology buyers and sellers. All copyright resides with them. Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. TechTarget, Inc.'s registered office is 275 Grove St. Newton, MA 02466.