Ransomware continues to dominate the news; there are no real signs of
it letting up. In fact, according to a new report from McAfee Labs all
indicators suggest that Ransomware will remain a major and rapidly
growing threat in 2016.
New variants of Ransomware are appearing on a daily basis and traditional security tools like antivirus are struggling to keep up. These new variants have also changed the way they encrypt files and what happens to your data once it is encrypted. These include:
- Ransomware-Locky removes the volume shadow copies from the compromised system, thereby preventing the user from restoring the encrypted files.
- Filecoder.Jigsaw is really aggressive and deletes some of the encrypted files every hour. Newer variants of Jigsaw are branded CryptoHitman and displays a series of pornographic images on the victim’s computer.
- Latest variant of the TeslaCrypt ransomware no longer uses an extension for encrypted files, making it more difficult for victims to identify the threat.
- Master boot record killers like Petya have the ability to install a second file-encrypting program.
- The authors of the CryptMix Ransomware are offering to donate ransom fees to a children’s charity but this is belived to be another scam to dupe victims into paying the ransom.
- Tech support scammers have begun using Ransomware tools to increase their chances of extracting money from victims.
On some previous blogs, we looked at many ways of preventing Ransomware attacks with
the #1 tip to back up your data and ensure you do a test restore.
However, even with the latest generation firewalls and antivirus on all
desktops, Ransomware can still get into a network. The most common
attacks use email phishing with dodgy attachments, but we have also seen attacks using remote desktop services and infected data storage devices.
Read our latest blog, to understand what you need to know about detecting Ransomware activity in your organization.