A scary type of malware is on the rise and it could end up costing you a fortune.
Ransomware, which is a type of malware that holds your mobile phone, computer, or certain files on your computer hostage until money is paid, is increasingly becoming a cyber criminal’s favourite kind of weapon.
In fact, there was a 165% increase in new ransomware during the first quarter of 2015, according to data published Tuesday by the security firm McAfee.
Why is ransomware becoming a big deal all of a sudden?
Ransomware, like any other kind of malware, is taking off because it’s a lucrative business for cyber criminals. Hackers can make thousands of dollars each month depending on how many people opt to pay the ransom.
Cyber-thieves usually demand anywhere from $US200 to $US5,000 as an initial payment and give the victim detailed instructions about how to pay the ransom, according to the FBI. And if the victim doesn’t pay within a certain period of time, the ransom may double or the files on the infected device will be completely destroyed.
Not to mention, as retailers boost security to prevent bad actors from stealing credit card data, cyber thieves are looking for new revenue streams.
One particular kind of ransomware family, called CTB-Locker, is largely to blame for the surge in new types of ransomware recently.
What is CTB-Locker? Why is it so dangerous?
CTB-Locker is a variant of CryptoLocker, which was the big ransomware last year.
It is especially dangerous because it’s very hard to detect. Oftentimes the ransomware comes in the form of email spam that looks legitimate. It can also be spread in newsgroup postings, peer-to-peer networks and internet relay chat, according to McAfee’s report.
To make matters worse, CTB-Locker is even able to get around security software by hiding in a .zip file within a .zip file and unpacking as a screensaver file. Once a computer or device is infected, a scary-looking message appears.
According to McAfee’s report, CTB-Locker has been found in several languages including English, Dutch, German, French, and Italian — and these languages extend to the attachments, making the phishing emails more authentic.
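A mail gateway or help desk can check for the delivery trick described above (a .zip inside a .zip that unpacks to a screensaver file) by walking an attachment's archive layers without extracting anything to disk. The sketch below is an added example, not code from McAfee or the article; the function names, the extension list beyond `.scr`, and the depth and size limits are assumptions, and the sample attachment is constructed.

```python
import io
import os
import zipfile

# .scr is the extension the article names; the rest of the set is an assumption.
RISKY_EXTS = {".scr", ".exe", ".pif", ".com", ".bat", ".cmd", ".js", ".vbs"}
MAX_DEPTH = 4                        # stop descending: guards against archive bombs
MAX_MEMBER_BYTES = 20 * 1024 * 1024  # do not inflate nested archives larger than this


def scan_archive(data, path="", depth=0):
    """Return [(member_path, nesting_depth, reason)] for a zip given as bytes."""
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return [(path or "<attachment>", depth, "unreadable-archive")]
    findings = []
    with zf:
        for info in zf.infolist():
            member = f"{path}!{info.filename}" if path else info.filename
            ext = os.path.splitext(info.filename.lower())[1]
            if info.flag_bits & 0x1:  # encrypted member: contents cannot be inspected
                findings.append((member, depth, "encrypted-member"))
                continue
            if ext in RISKY_EXTS:
                findings.append((member, depth, "executable-extension"))
            with zf.open(info) as fh:  # sniff magic bytes, so a renamed inner zip is still found
                nested = fh.read(4) == b"PK\x03\x04"
            if not nested:
                continue
            if depth + 1 >= MAX_DEPTH or info.file_size > MAX_MEMBER_BYTES:
                findings.append((member, depth, "nested-too-deep-or-large"))
            else:
                findings.extend(scan_archive(zf.read(info), member, depth + 1))
    return findings


def _make_zip(members):
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, payload in members.items():
            zf.writestr(name, payload)
    return buf.getvalue()


def build_sample():
    # Constructed sample: a harmless placeholder named like a screensaver, zipped twice.
    inner = _make_zip({"invoice.scr": b"constructed placeholder, not a real binary"})
    return _make_zip({"invoice.zip": inner, "readme.txt": b"hello"})
```

Any non-empty result is a reason to quarantine the attachment for review; an empty list only means none of these specific patterns were present.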
Because the basic malicious code for ransomware is readily available on black market websites, new forms of the malware are constantly springing up. CTB-Locker is just the most popular right now.
“CTB-Locker is the variant of choice right now,” said Jason Glassberg, the co-founder of the security firm Casaba Security. “Inevitably it will be knocked out, but just as it’s dying down a new strand will rise.”
So how can you prevent being infected with CTB-Locker and other kinds of ransomware?
While CTB-Locker can be difficult to detect, there are a few things you can look out for to avoid getting affected.
First, you should always make sure you have your hard drive backed up, Glassberg said.
“The most important thing you can do, bar none, is to continue to make backups of your data,” he said. “Because in the worst-case scenario — your computer becomes affected and your hard drive becomes encrypted — you can at least revert back to the last good backup.”
Second, you should always be wary of what you click on, the websites you visit and what software you download, Glassberg cautioned. This can be tricky because ransomware can oftentimes look very legitimate, but that just means people should be extra cautious.
The FBI cautions to never open attachments or click links in unsolicited emails, even if they’re from someone in your contact list.
And third, you should always keep your software up to date because old or unpatched software is the primary vector hackers use to infect your computer.
“This, of course, is really one of the real dangers of running an outdated operating system like [Windows] XP: While people may love them and think they work, nobody is actively supporting them and so new vulnerabilities are found. But nobody is patching it and so you are leaving yourself vulnerable,” Glassberg said. “Keeping everything up to date and patched is of paramount importance.”
The FBI also recommends installing a pop-up blocker and using strong passwords to help avoid a ransomware infection, as well as using anti-virus software.