
Spider Ransomware Gives You 96 Hours to Pay

The world of ransomware is constantly evolving, and a new piece of malicious software known as Spider is making the rounds as hackers’ latest attempt to hold personal information hostage. The ransomware gives victims a set of instructions and a 96-hour deadline to pay up or lose all their precious data.

How Does It Travel?
Hackers have been targeting unsuspecting smartphone users in the Balkans with this Spider ransomware, which was first discovered on December 10. Users get reeled in through a phishing scam: emails with the subject line “Debt Collection” that carry malicious MS Office files as attachments.


Spider is delivered through obfuscated macro code: if macros are enabled, the macro runs PowerShell on the victim’s computer and leads them to a host website with directions.

What Happens Next?
The malware then links up with apps and cloud storage and proceeds to encrypt and lock away all the user’s files using AES encryption, adding a “.spider” extension to each file. On the surface, these emails seem legitimate, as anyone with credit card debt or unpaid bills could be fooled into believing that the files come from a reliable source.

The cybercriminals then send victims a message in Bosnian through the ransomware, notifying them that all their personal files have been encrypted and that they won’t be able to access them without the decryption key. Victims are given 96 hours to pay in bitcoin in order to get their files back, with the hackers offering directions on how to do so.

How Do Users Pay?
Victims are given a tutorial on how to pay, beginning with details on how to buy bitcoin and how much money they need to pay. They are then given instructions on how to download the Tor Browser, which is necessary to make the cryptocurrency payment anonymously. Users are then told where to send the payment and how to securely do it.

What Happens if Victims Don’t Pay?
If they fail to pay up within 96 hours, all their information will remain encrypted and permanently locked. The criminals warn victims not to try anything, as the ransomware has the technology to delete all their files and damage their PC.

How Do I Protect Myself?
Individuals and businesses looking to avoid Spider should disable macros and be cautious of messages that can only be opened by turning macros on. For the time being, there is no way to decrypt the files once the ransomware strikes, because it is so new. The best thing you can do is install a security app like dfndr security, whose advanced anti-hacking capabilities can help fight a ransomware attack.

PSafe Newsroom
