2016 is quickly shaping up to be the year of ransomware infections, as security experts have reported seeing spikes both in old encryption malware like Cryptolocker and in the newest versions like Locky.
For those new to the term, “ransomware” is a malicious program that infects a user’s device and encrypts all of the device’s files without the user’s knowledge or permission. The victim is then left with a device that is greatly restricted in functionality, and often the only way to recover it to a usable form is to pay the ransom, or to hope that the device was backed up recently and can be set to a restore point.
From January to March of this year alone, a plethora of ransomware has appeared on the computing scene in the form of Cryptolocker, Locky, Petya, SamSam, and TeslaCrypt. These malware programs have infected millions of victims in this short span of time, and target everyone from small businesses on up to major hospitals, which are a common target due to their lack of cybersecurity and poor IT practices, such as unpatched servers and undisciplined employees clicking on phishing scams.
This particular attack was “one of a kind”: all that had to take place to infect the victim’s computer was the user simply watching the video ad. The user did not have to actually click on anything! The video itself would begin loading and installing the virus, so by the time the ad was done playing, the program was already starting to install itself onto the host machine without the user even being aware it was happening.
According to Malwarebytes researcher Jerome Segura, “The ads that were infected were video ads, which is why they made it through.” He continued, “Most past malware attacks have happened via display ads or traditional ad banners, but this was a new vector and caught everyone by surprise.”
Because the files ransomware encrypts can leave your machine damaged beyond repair, it seems quite scary, and it certainly can be, but there are steps you can take to avoid these headaches or the out-of-pocket cost of paying the ransom:
1.) Back up your data regularly by creating restore points and setting a schedule to back up your files often.
2.) Show hidden file extensions. Re-enabling the ability to see the full file extension (name) will make it easier to spot malware, as most of it uses executable files, or files that end with “.EXE”.
3.) Never click on “.EXE” or executable programs in your email.
4.) Update your OS software and patch it whenever possible. These ransomware programs rely on people running outdated software with known vulnerabilities. Updating and patching regularly ensures the latest security “holes” have been patched up and are no longer a threat.
5.) Use an effective security anti-malware program. We are by no means affiliated with them, but have found that Malwarebytes works extremely well and it’s 100% free.
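Steps 2 and 3 as an added example (not part of the original article): a short Python check that flags attachment names whose real final extension is executable, including names that look like documents once extensions are hidden. The extension lists, function names and sample file names are assumptions constructed for illustration.

```python
# Added example: flag mail attachments whose real extension is executable.
# The extension sets and sample names below are assumptions made for this sketch.
EXECUTABLE_EXTS = {".exe", ".scr", ".com", ".bat", ".cmd", ".pif", ".vbs"}
DOCUMENT_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".png", ".txt"}


def split_extensions(filename):
    """Return (stem, [extensions]) in lower case, tolerating stray whitespace."""
    parts = [p.strip() for p in filename.strip().lower().split(".")]
    # A leading or trailing dot leaves empty parts; drop them from the extensions.
    stem, exts = parts[0], ["." + p for p in parts[1:] if p]
    return stem, exts


def name_with_extensions_hidden(filename):
    """Approximate (lower-cased) name a file browser shows with extensions hidden."""
    stem, exts = split_extensions(filename)
    return stem + "".join(exts[:-1])


def assess(filename):
    """Return 'block', 'block-disguised' or 'allow' for one attachment name."""
    _, exts = split_extensions(filename)
    if not exts or exts[-1] not in EXECUTABLE_EXTS:
        return "allow"
    # Executable whose visible name still ends in a document extension (x.pdf.exe).
    if len(exts) > 1 and exts[-2] in DOCUMENT_EXTS:
        return "block-disguised"
    return "block"


def triage(filenames):
    """Map each attachment name to its verdict, keeping only the blocked ones."""
    verdicts = {name: assess(name) for name in filenames}
    return {name: v for name, v in verdicts.items() if v != "allow"}


# Constructed sample attachment names, not taken from any real incident.
SAMPLE_ATTACHMENTS = [
    "Invoice_0316.pdf.exe",
    "setup.EXE",
    "quarterly-report.xlsx",
    "photo.final.jpg",
    "scan.doc .scr",
]

if __name__ == "__main__":
    for name, verdict in triage(SAMPLE_ATTACHMENTS).items():
        print(f"{verdict:16} {name!r} shows as {name_with_extensions_hidden(name)!r}")
```

The "block-disguised" verdict marks the case step 2 is about: with extensions hidden, the name on screen ends in a document extension while the file itself is an executable.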