Ransomware!

February 9th, 2010, Sumit

Today I heard about a new kind of malware called Ransomware and found it pretty interesting. After further research I found out that it is not a new kind and has been around for more than a decade.

It is like any other kind of malware that can propagate via email, the web or infected files. This malware can encrypt your files or file names, lock down essential system services or display a screen at startup.

Once activated, it extorts the victim by asking for a ransom to receive the decryption key, or by asking them to send a text message to premium services. It may also ask for credit card information to buy a tool in order to unlock the system. The victim can be pretty helpless in this attack if the malware is able to encrypt important files with a large key size along with good encryption techniques like RSA, as it’s impossible to break with normal desktops. You may have a chance with distributed computing or a supercomputer, though.

As with most malware defence, prevention is the only cure here.

  • Try not to download files from untrusted websites; the majority of the software offering attractive screensavers and emoticons has trojans embedded in it.
  • Use good security software from a trusted company. I personally like to use anti-virus, firewall and anti-spyware from different companies because no company offers the best of these in a bundled package.
  • Do not open email attachments from unknown sources.
  • Learn to distinguish between a legitimate email and a phishing email leading you to malicious websites; there are plenty of examples on the web.
  • Avoid opening short URLs like bit.ly or tinyurl.com, and if you must, consider using the “Long Url Please” add-on for Firefox, which exposes the real URLs hiding behind a short one. You can get it from here: https://addons.mozilla.org/en-US/firefox/addon/9549?version=0.4.2
  • Avoid giving out too much personal information on public websites, including the social networking ones (I know you must be thinking what this has to do with malware, but it will help you protect your identity, which is the key target of malware).

I hope we all make continuous efforts to keep our systems clean and protected from nefarious users.

–Sumit