85 percent of people won't pay ransoms to recover data
As we've seen in recent reports, ransomware is an increasingly big problem. But how much do people know about it and methods to protect themselves?
Security researchers at ESET surveyed over 3,000 people across the US and Canada to gauge their understanding of ransomware and unearthed some interesting findings.
Remove CryptXXX ransomware with Kaspersky's free decryption tool
Security firm Kaspersky has released a tool that can be used to decrypt files on computers hit by the CryptXXX ransomware. Rather than paying the ransom demanded to regain access to files, victims are now able to turn to the free RannohDecryptor utility.
CryptXXX had been identified by ProofPoint earlier in the month and described as being closely linked to the Reveton ransomware operation and Angler/Bedep. The ransom of $500 is considered to be quite high, but Kaspersky's free decryption tool means that files can be retrieved without having to part with a cent.
How firms can fight back against ransomware attacks
There is no denying that ransomware attacks are a very real threat for businesses. Given the ever-growing value of data and the importance of business continuity, organizations that have fallen victim to such attacks either face a period of downtime or they pay out in order to retrieve their data to resume business as normal.
Headline-grabbing examples, such as those affecting the Hollywood Presbyterian Medical Center, or Lincolnshire County Council, are no doubt only the tip of the iceberg. How many others are giving in to ransomware demands without revealing they ever had a problem in the first place?
Keygen alert: free password generator released for PETYA ransomware
The PETYA ransomware is just one of the recent examples of malware that encrypts victims' hard drives until a fee is paid. The advice from the government is not to pay the ransom -- or at least not expect to get a decryption key if you do -- but a password generator has been created that means you can decrypt your hard drive for free.
While TeslaCrypt 4 boasts 'unbreakable encryption', the same cannot be said of PETYA, although the PETYA ransomware does have the irritating habit of overwriting MBRs. This does mean that there is no way to interact with the drive on the infected computer, but with access to a spare machine to read the drive and access to the online tool created by Leostone, you could have your data back in seconds. As the tool's website proudly proclaims, you can "Get your petya encrypted disk back, WITHOUT paying ransom!!!" -- here's what you need to do.
Maktub ransomware phishing scam knows your home address and uses it as leverage
Ransomware is one of the most prevalent security threats at the moment, and each week there are new examples that up the ante a little more. In recent months we have seen cross-platform ransomware, Tesla 4's unbreakable encryption, and the MBR-overwriting antics of PETYA, but a new phishing scam takes another approach.
In a cleverly orchestrated campaign, a phishing scam is doing the rounds whereby malware meets social engineering in a bid to extract cash from victims. It marries together the file-encrypting Maktub ransomware with a thinly-veiled threat -- home addresses. Quoting victims' home addresses to them serves two purposes: it adds a level of authenticity to the phishing email, but also acts as additional leverage by upping the fear level.
The threat of ransomware is so great, the US and Canada issue joint security alert
Malware is far from being a new problem, but the inexorable rise of ransomware has taken many by surprise. There have been a number of very high profile instances of ransomware such as PETYA, and the threat is perceived as being so high that the US and Canada have taken the unusual step of issuing a joint security alert.
The likes of TeslaCrypt 4 feature 'unbreakable encryption' and use scare-tactics to encourage victims to part with their money. This is what has prompted the joint alert from the US Department of Homeland Security and the Canadian Cyber Incident Response Centre which warns about "destructive ransomware variants such as Locky and Samas". Interestingly, the advisory actively discourages victims from bowing to ransom demands.
FBI issues warning over MSIL/Samas ransomware
The FBI has begun seeking the assistance of companies in the US to streamline its investigation into an increasing ransomware threat in the country.
The FBI is looking into a strain of ransomware called MSIL/Samas, which has been encrypting data across entire networks rather than single computers, Reuters reports. The ransomware infects machines before encrypting data and asking for money in return for access.
How to mitigate ransomware risks
Ransomware has already caused businesses real trouble this year and recently, security firms have warned about a sudden surge in junk mail messages containing this kind of malware. It seems that organized criminals are now increasingly targeting businesses, which can offer them bigger returns than going after individuals.
The first wave of ransomware started in 2005 and was called Trojan.Gpcoder. Now the security industry (and many unfortunate users) are discovering new variants almost every day. For example, a strain called Locky, discovered only two weeks ago, is now the second most prevalent form. Currently, it asks for three Bitcoins (about £885) as payment for the decryption key.
A closer look at Bitdefender's new free ransomware security tool
Bitdefender Labs has released BDAntiRansomware, a free tool which keeps your PC safe from some of the most common ransomware threats.
The program "protects against known and possible future versions of the CTB-Locker, Locky and TeslaCrypt crypto ransomware families", the company explains.
Bitdefender's new tool protects against ransomware
Ransomware is the malware du jour, and each strain seems more vicious than the last. As with any virus variant, there is a game of cat and mouse played out between virus writers and security companies as each battles to outwit the other.
Trying to get ahead of the curve, Bitdefender has released a tool that offers protection against the likes of CTB-Locker, Locky and TeslaCrypt. When it comes to dealing with ransomware the advice, unfortunately, has become a case of either pay up, or revert to data backups. Alternatively, you could try prevention rather than cure, and Bitdefender's 'crypto-ransomware vaccine' could be what you've been looking for.
PETYA ransomware targets enterprise users via the cloud and overwrites MBRs
Crypto-ransomware is the malware du jour, and the likes of TeslaCrypt 4 and KeRanger are just some of the names to hit the headlines recently. One of the latest examples of ransomware, PETYA, is taking a slightly different and more worrying approach -- it not only targets enterprise users, but also encrypts entire hard drives rather than just a selection of files.
PETYA -- also known as RANSOM_PETYA.A -- goes to some lengths to make sure that victims know that their computers are infected, overwriting the MBR (Master Boot Record) to display a ransom note during the boot process. The malware uses a "military grade encryption algorithm" to lock users out of their files, and victims are directed to venture onto the dark web using the Tor browser to make a Bitcoin ransom payment.
Downtime costs more than ransomware
You might think that having to pay for files locked by ransomware is costly, but it’s the downtime that actually hurts a business more.
Those are the results of a new survey conducted by cloud IT services company Intermedia. The survey, entitled 2016 Crypto-Ransomware Report, polled nearly 300 expert IT consultants about the current trends in malware.
TeslaCrypt 4 ransomware now features unbreakable encryption and is even more dangerous for victims
Apple might be currently talking about its unbreakable encryption and how it's a good thing for privacy, but the FBI is ruing it. The privacy argument certainly stands up to scrutiny, but strong encryption can also be used as a weapon, as demonstrated by countless examples of ransomware. There are numerous breeds of ransomware out there, but one of the most prolific is TeslaCrypt.
It's just a year since the first version of TeslaCrypt appeared on the scene, and it's gone through various updates and iterations over the ensuing months. Now it's hit version 4 and as well as continuing to threaten victims with sharing their files online, it also boasts what is being referred to as 'unbreakable encryption'.
Malvertising campaign targets Americans through major websites including BBC and New York Times
Top news websites including the BBC, the New York Times and MSN were hit over the weekend by a co-ordinated malware campaign. Delivered through the advertising networks used by the sites, the malvertising attack aimed to install ransomware on victims' computers.
On-site ads are far from loved, hence the prevalence of ad-blocking tools. But as well as being an annoyance, online ads can also pose a serious security risk -- something highlighted by this attack. The infected ads redirected people to servers hosting the Angler exploit kit and were engineered to target US-based web users.
Ransomware is the biggest threat to Android users in UK
Ransomware was the biggest threat to Android users in the UK last year, a new report by security company Bitdefender says.
Even though it’s not as dangerous or prolific as its Windows counterpart, ransomware still played a major role in the overall mobile security landscape last year.