Ransomware, Because Malware Wasn’t Bad Enough Already

melissa • November 17, 2015

Unfortunately, spyware and malware are things we’re all too used to as computer users. We’ve been scanning and quarantining for years, and sometimes that hasn’t been enough, forcing us to rebuild whole systems.

I’m not even talking about the impact these things have in an enterprise computing environment, which can be catastrophic. Many of us have seen organizations grind to a halt as viruses propagate through the network. Unfortunately, this is a nasty part of technology that we, as individuals and organizations, have had to learn how to deal with through the years.

If you thought popups and hijackers were bad, you haven’t seen anything yet. Enter ransomware, malicious software so disruptive it gets its own name. What is ransomware, you ask? Well, according to our friends at Wikipedia:

[Screenshot: Wikipedia’s definition of ransomware]

Wait, what? That’s right, folks: ransomware holds your computer hostage, requiring payment to unlock your files. Some ransomware will even encrypt your files, making your recovery even harder unless you succumb to the extortion.

NakedSecurity describes CryptoLocker as the poster child of ransomware. Chances are you’ve heard something about it, but perhaps only in the context of being a nasty virus. The fact is, CryptoLocker is much, much worse than that. CryptoLocker leverages something called public-key cryptography, usually used to protect data, to encrypt the files on your computer and charge $300 for the decryption key. It is estimated that these guys got away with $27 million just in September and October 2013 before the malware could be attacked.

Unfortunately, CryptoLocker wasn’t the end of this type of thing, just one of the most well publicized. While CryptoLocker and many other pieces of ransomware target Windows, other platforms are at risk as well. The same principles can be applied to Android apps, and even Linux.

One of the more recent ransomware attacks, Android/Lockerpin.A, will hold your Android phone for a $500 ransom, along with a pretty scary FBI notice that will probably compel many to pay it. Your other choice? Reset your phone to factory defaults and hope you have a backup. A common tactic is to scare the victim into paying with these fake notices of illegal activity.

Linux isn’t immune either: this month Linux.Encoder.1 hit the streets. It seeks to encrypt files related to web sites and development on the server. Luckily, there was a flaw in this nasty piece of ransomware, and a ransom-less fix was found.

Recently, a Brazilian researcher performed a proof of concept demonstrating that yes, even Macs are not immune to ransomware. He was also not the first. The fact is, if you’re connected to the Internet with something, you’re vulnerable to malware, spyware, viruses, and even ransomware.

Ransomware is nasty, nasty software. The best way to avoid it is to keep practicing good computer hygiene. While everyone loves to complain that antivirus software is slowing down their laptop or server, the fact remains it is there for a very good reason. Imagine the crushing impact if ransomware were to propagate through a corporate network, leaving useless encrypted devices in its wake. Remember to think twice before downloading those random apps from the Internet; they aren’t always what they seem.
