Sec?

Let's discuss Security

20  07 2007

Ransomware - Internet at War!

Malware, Spyware, Adware…

The Internet was already threatened by these bits-and-bytes terrorists; now comes their Bin Laden: Ransomware!

Ransomware is malware used for extortion. An innocent-looking email, your favorite playmate sites and torrent sites are some of the doors through which this malware enters your PC. Some of the popular Trojans detected so far are Sinowal.FY, Gpcode.ai and Ransom.A.

According to PandaLabs and Kaspersky Lab, these Trojans first encrypt all your important files (mainly office documents) and leave a ransom note in a readme.txt file in that particular folder.
The ransom note then tells the user in broken English that the files have been encrypted using RSA-4096 and that unless cold, hard cash is forked over within a period of time, the content of the files will be shared with the world and then deleted. The note demands $300 in order to decrypt the files.

As the saying goes, prevention is better than cure, so instead of shelling out 300 bucks, it's much better to stop such malware from entering your PC. The sad news so far is that none of the antivirus makers (Symantec, Panda, Kaspersky, McAfee) has yet claimed to have decrypted those encrypted files. So there is almost nil chance of recovering your encrypted files.

Though it may sound clichéd, the best way to protect yourself is to have strong and up-to-date antivirus software along with good antispyware tools. According to PandaLabs, it is not just email attachments that let malware plant those ransom notes. One of the major routes attackers use to spread this malware is open ports. Attackers attack those compromised machines, turn them into servers and spread the malware further throughout the network. One of the ways to protect your PC from such a hazard is to secure your ports [read how to secure your ports in the post by Niraj Shrestha - Watch out for those open ports!].

We couldn’t prevent the 9/11 terrorist attack, but we can stop this ransomware.

