Each new year brings unexpected surprises, some good and some bad. This blog is about a bad surprise for 2016, the first new malware of the year: Ransom32.
As of now, there is no known way to decrypt your files if Ransom32 encrypts them. It is extremely important that you ensure you have valid and useable back-ups for all your important files to prevent catastrophic loss if this malware infects your system.
So how does this ransomware work? First, a hacker signs up for the RaaS utilizing a Bitcoin address via a Tor affiliate. This allows the criminal access to the “affiliate console” where they are able to configure their settings on how the malware should be executed and monitor the progress of their personal distribution campaign.
Ransom32 allows the criminal to specifically design the ransomware for targeted victims. It provides constant updates as to how many victims have successfully installed the malware, how much ransom to demand, whether or not to fully lock the computer and more. It truly is a service allowing a high degree of control to the attacker.
Here is a little more detail on how this particular ransomware will infect your systems.
Put simply, you do not want to be infected with ransomware! Last year saw numerous ransomware infections and a host of problems caused by this type of malware. Since ransomware is profitable, we can only expect the criminals to continue to improve and deploy such malware. Ransom32 has only been seen as a Windows infection, but the new programming allows for easy modification to other platforms, so beware. 2016 is only beginning, and as you can see, the criminals are not resting or enjoying time off.
As we enter a new year, we are here to help. Here are some important ideas you should consider to help protect you from ransomware threats:
- Always keep and test regular backups of your important data.
- Make sure you run an updated active anti-virus security suite on your system.
- Do not open email attachments from unknown sources.
- Always browse the Internet safely.
- Train your employees in proper Internet safety and how to spot fake emails.
NTT Security Incident Response Services can assist your organization with planning and responding to cyber security incident. Contact NTT Security today to learn more about how we can help protect your organization.