Posts Tagged Ransomware

Locky Ransomware: How It Infects Systems And How To Stay Safe From This Virus

12th Oct 2017

Albert Einstein’s quote, “Our Technology has surpassed our humanity” truly represents the repugnant condition of our society today with cyber-attacks taking a toll on the entire world. Each day hackers are coming up with sophisticated technologies and malwares to counterfeit the security solutions being launched by the companies. A recent malevolent program that has hit the cyber industry is Locky ransomware that literally LOCKS away your files, until you pay ransom to decrypt them. It came forth in February 2016 and has been active since then.

How It Infects Systems

Usually sent through an email containing infected word or excel attachments, it is a malware that affects almost all versions of Windows. The malicious email contains a balderdash word document in encrypted form. Further the user is asked to enable macros to encode the incorrect data and that is when the real trouble starts.

Then actual encryption Trojan is downloaded with an intent to encrypt all the targeted files using AES encryption algorithm. All the filenames are converted into .locky file extension. These files cannot be operated by normal programs when once enciphered. The user is then sent ransom notes demanding 0.5 – 1 bitcoins in return of a decryption key.

Email: The Most Preferred Channel

Locky malware is generally sent via a word document attached in an email because it is the easiest way to trap and dupe the users. AppRiver, email and web security experts in one of their reports about it quoted, “In the past 24 hours we have seen over 23 million messages sent in this attack, making it one of the largest malware campaigns that we have seen in the latter half of 2017.”

How To Stay Safe From This Ransomware –

  • Regular Backups – The best way to safeguard yourself is to take regular backups either online or offline. Keep your backup data in encrypted form to ensure that it does not fall into wrong hands.
  • Be Wary About Suspicious Attachments – If you are sent an unusual email from an unauthorized sender make sure you do not open it. Attackers can masquerade and send you unsolicited emails containing malware. Beware of files with double extensions ending with .exe as there are higher chances of it containing virus.
  • Do Not Enable Macros – Ransomware is usually sent to the user in the attached encrypted file, which persuade them to enable macros resulting in files bring encrypted by locky. Make sure you do not enable macros for emails send by an unknown source. Also permanently keep the default Microsoft macros disabled.
  • Update Your System – Regularly updating and patching your system and applications can help you to prevent the attack to some extent.
  • Microsoft Office Viewers – Install the app on your system, as it allows you to view what documents look like without actually opening them.

It is important to adopt all security measures well in advance and educate yourself and your employees about Locky ransomware attack to prevent it in the first instance.

For more tips on preventing Locky Ransomware, feel free to contact Centex Technologies at (855) 375 – 9654.


No Comments

Ransomware – The Malware That’s On The Rise

December 16, 2015

Ransomware is a type of malware that uses a malicious software code to lock a user’s computer and allows access only after certain ‘ransom’ fee is paid. It may infect the system in the form of a Trojan horse or worm by exploiting a security flaw. Ransomware usually spreads through email attachments, spam website links or infected software applications. Once executed in a computer, the malware can either lock the entire system or encrypt the stored data with a password.

Types Of Ransomware

  • Cryptowall: This ransomware is mainly spread through spam emails that contain a malware infected attachment claiming to be an important message. Once the user opens the attachment, the malware is executed and the device gets locked.
  • FBI Ransomware: It is installed on a user’s computer once he visits a website with malicious script. When the system is infected, it displays a message, purported to be from FBI, that the computer has been blocked and the user needs to pay a fee to restore his data.
  • Power Worm: This is probably the most perilous type of ransomware in which the victim’s data is not only encrypted but the key to restore the information is also destroyed. In such a malware attack, the only option to get the data is to restore it from back-up.
  • Chimera: The Chimera malware works by threatening to post the victim’s files on the internet if he does not pay the demanded ransom. In such situations, even if a user has a back-up of the files, he might get convinced to pay the fine just to prevent the files from being leaked.

Defending Against Ransomware

  • Never open embedded URLs or attachments in emails from an unknown source.
  • Download and constantly update anti-virus and firewall definitions.
  • Maintain a backup of your files on an external hard drive or online.
  • Enable your popup blocker to avoid accidentally clicking on a spam advertizement.
  • Update all the software on your computer to fix any open security vulnerability.
  • Enable the option to ‘Show file extensions’ in your systems settings. This will make it easier to detect malicious files. Make sure you do not open any file with an unknown extension.
  • If you notice malicious software running or view a ransom message on your computer, disconnect the internet immediately to avoid transmitting your data to the cybercriminals.

Taking precautions to protect your information and staying cautious are the best counter measures to avoid being infected by Ransomware.


No Comments