ransomware – PSafe Blog

Fri, 23 Mar 2018 12:00:23 +0000

The world of ransomware is constantly evolving, with a new malicious software known as Spider. It’s making the rounds as hackers’ latest attempts to hold personal information hostage. The ransomware gives victims a set of instructions and a 96-hour deadline to pay up or lose all their precious data.

How Does It Travel?
Hackers have been targeting unsuspecting smartphone users in the Balkans with this Spider ransomware, which was first discovered on December 10. Users get reeled in through a phishing scam with malicious MS Office files sent as attachments with the subject line “Debt Collection.”

Spider is designed using obfuscated macro code, meaning that if macros are enabled, the ransomware allows a PowerShell to enter the victim’s computer and lead them to a host website with directions.

What Happens Next?
The malware then links up with apps and cloud storage, which proceeds to encrypt and lock away all the user’s files using AES encryption, while adding a “.spider” extension to all their files. On the surface, these emails seem to be legitimate as anyone with credit card debt or unpaid bills could be fooled into believing that these files come from a reliable source.

Cybercriminals proceed to send a message in Bosnian to victims on the ransomware, notifying them that all their personal files have been encrypted and they won’t be able to access them without the key to open them. Victims are then given 96 hours to pay in bitcoin in order to get their files back, with hackers offering them directions on how to do so.

How Do Users Pay?
Victims are given a tutorial on how to pay, beginning with details on how to buy bitcoin and how much money they need to pay. They are then given instructions on how to download the Tor Browser, which is necessary to make the cryptocurrency payment anonymously. Users are then told where to send the payment and how to securely do it.

What Happens if Victims Don’t Pay?
If they fail to pay up in 96 hours, all their information will remain encrypted and permanently locked. The criminals warn victims not to try anything as the ransomware has the technology to delete all their files and damage their PC.

How Do I Protect Myself?
Individuals and businesses looking to avoid Spider should disable their macros, while also being cautious of messages that can only be opened by turning on their macros. For the time being, there is no way to decrypt the ransomware once it does strike due to how recent the technology is. The best thing you could do is install a security app like dfndr security with the advanced anti-hacking capabilities that can help fight a ransomware attack.

]]>

Wed, 14 Mar 2018 12:00:53 +0000

According to the Federal Bureau of Investigation, more than 4,000 ransomware attacks have occurred daily in the last few years. A malicious type of malware, ransomware will lock down a computer or smartphone until the user agrees to pay for the malware removal and release the files being held.

In many situations, the hackers who issue the software sometimes don’t even hold up their end of the bargain — merely erasing your data permanently once you’ve paid.

Worst of all, it isn’t just your computer or phone that’s at risk of attack. Smart home items such as modern day TVs have even been shown that they can be targeted. If your device has a computer chip within it, there is a good chance that it could be held hostage. But, don’t panic yet, here’s what you can do against this malicious malware:

Backup Your Smartphone
While it seems simple, regularly backing up your data is a proactive way to protect yourself against ransomware attacks. The heart of every ransomware scheme plays upon the fear that your data could be lost if a fine isn’t paid. However, if you have a backup of your files and photos, your data is more or less, secure.

You can utilize a solution such as Dropbox or Google Photos to make sure that your photos are always stored in a cloud. Other data such as contacts and calendars should be tied to your email account.

Android’s system also allows for a backup feature that can be found in your device’s settings. While it won’t backup everything, it’s useful for backing up device settings such as your saved WiFi networks, Google Chrome bookmarks, and more.

Browse With Common Sense
Most malware is accessed while browsing the internet or downloading an unsafe attachment from an email you have received. Prevention is always the best defense against vicious malware attacks. Keeping conscious and aware of what you click on while browsing, or what you download is a simple way to stay secure.

The truth is that once you’re subjected to a ransomware attack, there’s not much you can do to work backward. Preventative measures are your best defense.

Secure Your Android Device
But, how can you ensure the sites you’re browsing are safe and that you aren’t introducing malicious software to your device? Security solutions for Android such as dfndr security’s Full Virus Scan can protect your device by scanning it for spam, malicious content, and infected apps, then automatically removing them from your smartphone. These kinds of apps can block malicious websites to ensure a safer experience.

When it comes to ransomware, your best defenses are to maintain current backups and follow preventative measures. Ransomware can be malicious and menacing, threatening to delete our data and deal with the stress of possibly losing our digital life. However, if you keep aware and be conscious about your online activities — you shouldn’t have too much to fear.

]]>

Fri, 24 Nov 2017 00:00:55 +0000

With hacks and malware becoming more and more common, it’s difficult to know how to truly prevent cybercriminals from stealing your private information. The best ways to keep your phone and private data protected include: being cautious of which apps you download, avoiding suspicious-looking links or ads, and regularly running virus scans on your device. Use the full virus scan feature to scan your phone and SD card for hidden malware, and ensure that your phone is secure:

The best part of this feature is that the database is continuously updated, so your phone will always be protected against the latest threats, in real-time.

An App to Create Ransomware
This malware app is essentially a smartphone application that can be used to make custom ransomware attacks that target Android devices. The app was originally meant to be run from a computer or laptop, but now the app has been reformatted to function on a phone. Many developers call apps like this a “Trojan” or “TDK.”

It’s interesting to note that these apps only can run on Android and can only target other Android phones. The app isn’t on the Google Play store though; the only way you can access this app is by going to China’s Great Firewall hacking forums.

How Do You Use the App?
This app is a subscription-based service, so at least hackers are paying to steal data from you. When you download the app, new users can make a one-time payment for the app. New users also get the experience of communicating with the criminal service provider. This can be a big deal for newer hackers who may want advice on how to use the app. According to malware experts, there isn’t a limit on how many different virus strains a new subscriber can make once they’ve paid the subscription fee.

How to Keep Your Private Data Safe
If you have an Android, it’s really crucial that you keep your information safe from these virus strains. One way to keep safe is to avoid using public Wi-Fi networks. These public networks are extremely easy for hackers to use. They can view your private data because they get between you and the network and watch everything you do.

]]>

Mon, 18 Sep 2017 01:00:54 +0000

Ransomware scams have grown in scale and strength over the years. Some of the most successful ransomware scams can yield anywhere from $3 to $18 million from victims. The hackers will threaten to publish the victim’s personal data, essentially holding their personal data for ransom, which makes the name “ransomware” very fitting. Ransomware doesn’t always strike instantly, either, so you may not know that you have it on your device until it’s too late. Click here to use the security scan feature to quickly scan your device for any hidden threats:

How Do Ransomware Attacks Work?
Typically, hackers get the ransomware tech to your phone or computer system through the downloading of a file or some vulnerability in your network’s service. The ransomware essentially acts like a lock and locks up your computer or phone so that you can’t access any of your data or information. The ransomware may then send itself your data so that it can blackmail the victim into paying the ransom to get their private information back. Once the victim pays the hackers, the hackers typically send them an unlock code that will get rid of the ransomware from the system.

What is WannaCry?
In May 2017, the WannaCry ransomware attack targeted computers that were running an outdated and unpatched version of Microsoft Windows as their operating system, which included much of the computers at the UK’s National Healthcare Service (NHS). During this large ransomware attack, the hackers encrypted the data so that the computers couldn’t access their data. After that, the hackers demanded that they get their ransom via Bitcoin because it’s practically untraceable.

However, before the NHS or the other 230,000 infected computers could pay the ransom, a young British computer pro cracked the WannaCry attack and shut down the malware himself. As it turns out, the ransomware attack was poorly designed, which made it easy for the computer expert to find the “kill-switch” and shut down the hack.

How to Keep Your Data Protected
In order to keep ransomware and hackers out of your phone, you should regularly scan all of your devices for malware to ensure that your device is free of viruses and ransomware. Another way to keep your data safe is by creating an additional authentication step for your accounts. By creating a special code or setting up a phone call verification to identify yourself, you can keep your data safe. Also, be sure that you use your own Wi-Fi on your devices because public Wi-Fi is more likely to be hacked.

]]>

Sat, 29 Jul 2017 20:01:20 +0000

Ransomware, a malicious software that blocks access to users’ data until a ransom is paid, is targeting more people than ever, despite growing awareness of this hacking technique. If you believe that a ransomware virus may be lurking in your phone, or if you’re looking to take a preventative measure, run a Full Virus Scan on your device. This feature will search both your phone and SD card for malware. Click here to scan your phone for hidden threats:

Reports of ransomware have jumped in recent years. The number of ransomware reports has grown from 2.3 million to 2.6 million just within the last year — an 11.4% jump. Within the first quarter of 2017, mobile ransomware incidents spiked dramatically, up 253% from the previous quarter. During the past three years, the various strains of ransomware have tripled as hackers have realized their lucrative benefits.

Ransomware Attacks

Recently, the WannaCry strain of ransomware attacked a total of 150 countries. Victims of this sophisticated attack included Russia’s interior ministry and Britain’s National Health Service; they were all ordered to pay a ransom amount in Bitcoin. Later studies uncovered that all victims were Windows users who had failed to update their software.

For mobile users, the most common form of ransomware is the “Trojan-Ransom.AndroidOS.Fusob.h” which requests administrator privileges and collects information from the device to upload to a malicious server. This server then determines the device’s worth and blocks device use in order to extort a profit.

New Techniques
As hackers recognize ransomware as a significant source of revenue, their methods and targets are becoming increasingly sophisticated. Oftentimes, scammers will target high-value individuals or systems in an effort to generate the highest returns per victim. Ransomware vendors are also starting to provide ransomware customer support lines to facilitate the exchange of data for payments. As these levels of sophistication increase, future ransomware attacks may develop the ability to evade detection through limited CPU usage, and use self-replication within organizations in order to carry out coordinated ransom attacks.

How to Protect Your Devices
To avoid the danger of losing your private data to a ransomware attack, make sure to backup your phone data regularly, and keep your Android and network software updated. Oftentimes, ransomware is spread through infected emails, so be sure to approach email attachments or messages from strangers with caution, and ensure your antivirus software comes with anti-phishing to block links if you click on a malicious link by accident.

If you are a victim of a ransomware attack, make sure to report the incident to law enforcement, as these attacks are often criminal offenses.

]]>

Tue, 13 Jun 2017 13:00:04 +0000

Ransomware attacks are becoming more powerful and more frequent, as demonstrated by the latest WannaCry ransomware attack. More than 200,000 organizations — including the UK’s National Health Service — in 150 countries were infected with WannaCry ransomware. The WannaCry attack used stolen information from the National Security Agency (NSA). These NSA tools have been very useful to hackers, who have been able to carry out more sophisticated spyware and ransomware attacks. Click here to protect your device by quickly checking for hidden malware with Security Scan:

Although Security Scan is a strong measure individually, these kinds of attacks are likely to grow, too, as more of the NSA’s hacking tools are published. In this instance, WannaCry took advantage of a vulnerability in Microsoft’s older software. Microsoft had issued a patch for the vulnerability, but users either didn’t update their software or didn’t receive the update. This shows how important it is to make sure that you receive the latest security updates for your devices, in addition to scanning your device for ransomware, so that you can be protected against all types of malware.

Ransomware Through History

In comparison to other malware, the history of ransomware is much shorter. The first case of ransomware occurred in 1989, and targeted the healthcare industry (still a major ransomware target today). However, ransomware didn’t become the threat that it is today until around 2005. Since then, two of the most popular types of ransomware have been crypto and locker ransomware. Crypto ransomware encrypts users’ files, whereas locker ransomware only locks users out of their files. A hybrid of the two types has become more popular in recent years.

A Ransomware Evolution

Ransomware has evolved considerably over the last five years, and new, different types of ransomware are continuously appearing. In 2016, there were about 4,000 ransomware attacks each day, and roughly 70% of businesses infected with ransomware paid the ransom. With the release of the NSA hacking tools, and the rise of automation (allowing hackers to target more people with little effort), this will likely grow in 2017.

Hackers are now sending ransomware in PDFs via email. If a victim clicks on the PDF, he or she will be taken to a web page mimicking Google to type in personal information. This is becoming a more recent trend in the world of malware, with various malicious file types being sent over email to victims. Files may even include ransomware powerpoint presentations (ransomware ppt). The evolution of ransomware also includes Internet of Things devices as a growing target. This is because these devices are always connected to the Internet, and often have poor security or receive few updates.

]]>

Mon, 12 Jun 2017 14:00:08 +0000

As ransomware increases worldwide, law enforcement agencies are struggling with how to respond. After all, it’s very hard to recover a victim’s data, and nearly impossible to find the cybercriminals responsible for a ransomware attack. That’s why it’s important to take certain precautions in advance to protect your device from ransomware. You should run regular virus scans to check for any hidden malware on your phone. Click here to check your device for malware with the Full Virus Scan feature:

After infecting a computer or smartphone, ransomware can often go undetected for a long time, usually because it doesn’t exhibit the more obvious signs of a malware infection, such as sudden poor performance or adware. Full Virus Scan will allow you to check your phone for any malware or security threats that could compromise your device. You should run it frequently, even if you don’t notice anything wrong with your phone.

Cybercriminals Are Tough to Track Down

First of all, many ransomware attacks originate overseas. It’s very hard to arrest cybercriminals because it’s hard to locate them. Thanks to the Internet, cybercrime can be fairly untraceable — unless, of course, the criminal brags about his or her crime on a popular online chat room. Ransoms are typically paid in Bitcoins, which are also nearly impossible to trace.

The Law Doesn’t Have Time to Catch Up

International law enforcement agencies, for example, have teamed up to launch No More Ransom, an informative website designed to prevent ransomware and assist victims. As for the U.S., most states do not even have laws in place to properly charge and sentence ransomware criminals. Currently, Wyoming and California have laws in place that treat ransomware as a type of extortion; Maryland isn’t too far behind. But what about the rest of the U.S.? Ransomware has increased exponentially over the last several years — every state should be interested in passing similar laws.

How You Can Help the Police Fight Ransomware

It’s generally recommended that you contact the police after your device is infected with ransomware — you should never pay the ransom. Even if there’s little they can do, they’ll be able to make note of the crime. This can help to determine the scale of the cyberattack. If you do your part in reporting a ransomware attack, this will help law enforcement agencies get the information to the public. Sharing information about a massive, widespread ransomware attack — such as the WannaCry attack — may encourage businesses and individuals to take ransomware more seriously and update their cybersecurity efforts.

]]>

Thu, 08 Jun 2017 14:00:28 +0000

Ransomware is a menace against Androids everywhere in the world. Once this malware is active, it can hold your phone hostage by locking you out of your phone and then demanding a ransom payment for you to get access again. Sneaky, destructive, and ever-changing, ransomware is very difficult to remove. Indeed, one of the worst features of this malware is how long ransomware can go undetected. Before you realize it’s there, the damage could already be done. Use Full Virus Scan to check for and remove any ransomware or malware on your smartphone:

Full Virus Scan checks every app on your Android’s memory and SD card for viruses and other types of malware. Full Virus Scan is an excellent tool in the fight against ransomware. Below, you’ll learn everything you need to know about this vicious strain of malware — and why it can go undetected for so long.

How Ransomware Stays Hidden on Your Phone

You download a legitimate Google Play app that has become infected. This issue happened most recently with a Russian entertainment app. This app has between 50 million and 100 million users, and they all downloaded it from the Google Play store. So, when hackers infected this once-safe app with ransomware, the results were disastrous.
It’s not obvious that your phone has been infected with ransomware. Unlike many other types of malware, your phone may not behave abnormally after being infected with ransomware. Some typical signs that your phone has been infected with malware include: your phone suddenly slowing down or crashing, the sudden appearance of pop-up advertisements, or an unexplained spike in data usage. Ransomware, on the other hand, likes to bide its time before attacking. Some strains of ransomware like to take their precious time, lying dormant on your Android for days, weeks, or even months before they strike! That’s why you should run regular virus scans on your phone so that you can catch any dormant malware before it can do real damage.
Bot-infected apps often behave like regular apps. When Android users have an app infected with ransomware on their phone, it can act totally harmless. At least for a while, that is. To avoid downloading a malicious app, make sure that you only download apps from reputable sources. Read the reviews and avoid any apps with suspicious language or graphics. Even positive reviews can be manipulated which is why regular scans on your phone is crucial.

So, as a final aside to Android users: stay aware, keep DFNDR updated, and act immediately if your phone is acting strangely or becomes infected by using Full Virus Scan to remove any security threats.

]]>

Thu, 25 May 2017 16:00:24 +0000

If you’re an Android user who isn’t fully familiar with ransomware, ransomware is a form of malware that typically encrypts a computer system until the victim agrees to pay a ransom fee. For years, these malicious viruses have wrecked havoc against Android’s operating system. But you can keep these security threats at bay by running regular virus scans on your device so that you can catch any malware before it can do serious damage. Click now to use Full Virus Scan to check your device for malware:

The Full Virus Scan thoroughly checks every app on your device and SD card for security threats. Scanning your device regularly has never been more important: over the last year or so, reports have suggested that ransomware is becoming more aggressive. It even attacked an LG Smart TV in late 2016.

If you download a new app, and that app started interfering with your phone and its other apps, you’d delete it immediately, right? Unfortunately, ransomware does exactly that. Ransomware is known for hijacking other apps, then encrypting their data and often blocking the ability to uninstall. It can also affect the phone’s lock screen. But Google is vowing to confront these destructive viruses head-on with Android O, their newest operating system. Keep reading to find out if Android O is worth giving a “standing O[vation]” to.

How Android O Plans to Defeat Ransomware

Android “O,” the codename for Google’s newest operating system, has already launched a developer preview. Initially appearing on the scene in March 2017, Google plans on unveiling three more previews before the final version is launched in 2017’s third quarter. Android O’s central update involves battling ransomware. Mainly, Google plans to improve the protection of Android’s apps by deprecating vulnerable APIs and taking away functionality.

How has Google developed these strategies against ransomware? Well, that part is rather ingenious. Their developers followed 30 different malware strands “in the wild,” while gathering close to 50,000 samples from them. Using this data, the ransomware’s behavior was closely studied, while the Google team worked diligently to close Android’s security loopholes.

One of the main alterations, integrated into Android O, involves deprecating Android’s “DeviceAdmin” feature. Google found that around 70% of ransomware viruses were abusing DeviceAdmin on users’ phones. Ransomware would try to trick the user into granting admin privileges by hounding them with DeviceAdmin pop-ups. If the user gave in, their phone would be compromised immediately. By the end of 2017, we should know who’s winning in the Google vs. ransomware showdown.

]]>

Fri, 08 Jul 2016 13:17:46 +0000

Ransom demands, extortion, and gang activity have been baked into the global crime landscape for generations. Cybercrime experts warn that in 2016, these classic criminal behaviors are going digital, and will become much more difficult to stop. With predictions anticipating a 3 to 1 ratio of connected devices to people in 2020, many old-fashioned forms of illegal behavior are expanding into the Internet’s wild, unchecked frontier at alarming rates.

Extortion

Cyber extortion, which entails publically revealing private or embarrassing hacked information, is reaching an all-time high in 2016. Cybercriminals are profiting off targets by threatening to release private pictures, personal information, or embarrassing secrets if demands aren’t met. A high-profile example was the recent hack of Ashley Madison, a website that facilitates adulterous affairs between its users. In this case, criminals threatened to reveal names attached to Ashley Madison accounts unless users paid the hackers steep prices.

Holding Users Hostage

The proliferation of “ransomware” has transferred this old-fashioned criminal behavior into the digital sphere. 2016 has seen a marked spike in cybercriminals’ use of ransomware, which is the term used for programs designed to hold victims’ digital information hostage until a ransom has been paid.

Advanced ransomware is even capable of penetrating smart devices, like Internet connected cars, medical devices, and household appliances. Cybercriminals have the ability to hijack virtually any connected device, and request inordinate ransom prices from victims.

In the first three months of 2016, over $200 million in ransom money was paid to criminals holding data hostage. This amount is eight times as much as the total ransomware demands paid in all of 2015!

The Globalization of Cybercrime

Cybercrime networks are expanding, and becoming more advanced, with gangs of online criminals using cutting-edge tools to break into private connected devices, selling access to the highest bidder. Cybercriminals in developing countries, like Nigeria, are also becoming more sophisticated with their online attacks. Military conflicts throughout the world can cause an increase in cyber assaults, as extensive damage can be inflicted by hacking groups who don’t have any physical military force.

PSafe Security

It’s clear to see that it’s a dangerous world we’re living in when it comes to data security. Don’t put the data, and personal information on your Android phone at risk. If you’re concerned about your phone’s security, give it the added protection it needs with PSafe TOTAL. PSafe TOTAL’s antivirus software will help secure all of the private data on your Android phone, and ensure your connected devices are safe and sound.

]]>