Ransom VirusesÂ made to look like legitimate applications!
Ransomware viruses (also known as ransomware) is one of the fastest growing classes of malicious software. A few years ago they were simply just screen blockers such as the FBI virus fast forward to today and we have ransom viruses like Cryptolocker, Cryptodefense and Cryptowall.
Whatâ€™s changed over the past few years?
In the beginning we viruses such as the FBI virus we simply saw a screen lock. A screen lock is when you boot up your computer you see the virus and it takes control of the machine. It does so by allowing you to do nothing except power down the machine and boot up to the same locked screen again. This cycle quickly makes people desperate and they hope to gain access back to their computer by paying the ransom with a western union or green dot card payment. Today, we are seeing more complex and smarter versions of these viruses such as cryptowall. Cryptowall encrypts your data (ex. Photos, word docs, excel docs, some databases, etc.) and then demands ransom in the form of bit coins to get the decryption file to decrypt all of your data and get it back. You can see a more detailed post on Cryptowall here.
Ransom viruses are currently being disguised as Windows 10 updates coming from the email address firstname.lastname@example.org with a subject line such as Windows 10 Free Update. At first glance this appears to be an innocent Windows 10 update but in reality itâ€™s a ransom virus. The virus comes disguised in the Windows 10 downloadable update file from the email. While theÂ user thinks they are updating to Windows 10 for free they are really installing the ransom virus which then begins encrypting the userâ€™s data. Be very wary of such e-mails as Windows 10 truly is allowing free upgrades for Windows 7 and 8 users but only through the Microsoft update feature built into your Windows operating system. (you may have seen the icon on your task bar)
What to do about ransom viruses?
Keep your anti-virus program and definitions up-to-date. Donâ€™t open any e-mails from anyone you donâ€™t know and if you do then certainly donâ€™t download any attachments from that e-mail. Additionally, you can setup your anti-spam/email filter to filter out the email address email@example.com or e-mails with the subject line Windows 10 Free Update. While these methods will help they arenâ€™t fool proof. We recommend Malwarebyte Pro or Business Edition to protect against or remove such ransom threats.
Looking for help protecting against ransom viruses or just general anti-virus protection? Contact Us!