IT Specialist Blogs

rss

News, Topics and Opinions on Information Technology

Specify Alternate Text

There is a new strain of "ransomware" that does not  bother with the whole encryption thing at all.  These bad guys seem to think it's just an unnecessary distraction and too much work. Better to just start nuking files and then present victims with a ransom note.  It's called RanScam and here is how it looks:


Ranscam deceives victims by falsely claiming that files have been moved onto an hidden, encrypted partition. However, back at the ranch, this malicious code has deleted selected files and seriously messed with system settings like removing executables that drive System Restore, deleting shadow copies, and breaking Safe Mode etc. Recovering a system from this infection is very hard. This is outright destructive code and the way to recover is wipe and rebuild from bare metal.

They try to extort a ransom of 0.2 Bitcoin (about $125) the crooks really have no mechanism at all to restore compromised files. The attackers provided the same wallet address for all payments and for all samples, said Cisco's Talos researchers.

They said: “The lack of any encryption (and decryption) within this malware suggests this adversary is looking to ‘make a quick buck’ - it is not sophisticated in anyway and lacks functionality which is associated with other ransomware such as Cryptowall.”

The malware features a fake payment verification process that automatically returns notices of failure, possibly in the hopes that desperate victims might make a fresh payment. There is no longer honor amongst thieves. Currently the Ranscam campaign does not appear to be widespread and there have been no large-scale email spam campaigns...yet.

Ransomware Hostage Rescue Manual

Get the most complete Ransomware Manual packed with actionable info that you need to have to prevent infections, and what to do when you are hit with ransomware.

https://info.knowbe4.com/ransomware-hostage-rescue-manual-0

 .

Showing 0 Comment


Comments are closed.

Interested in submitting content for publication and syndication on the IT Specialist Network?

As a contributing writer on the IT Specialist Network, you can quickly gain exposure as an opinion leader or subject matter expert in information technology by informing a large audience of technical professionals. We welcome new and established authors that specialize in one or more sectors of the IT industry. Once your article(s) is approved for publication, it will be selectively syndicated throughout the IT Specialist Network.

Click here to contact us.