New Ransomware acts like a Windows Update
written by Matt Bullock posted on February 22, 2018
Hackers are getting more bold and more creative in an effort to get your money. A researcher at AVG (the anti-virus company) has discovered a new strain of Ransomware (a term given to malicious software that encrypts all your files and demands a ransom to get your files back) named Fantom. If you don’t pay the ransom, there is no way to get your files back. The encryption they use would take a super-computer years to crack. Small and large businesses alike, including hospitals and city governments have fallen prey to this malicious software. Hackers are making millions of dollars in ransom fees – paid by victims so they can get their files unlocked. So what are the symptoms and effects of this new strain of Ransomware:
A pop-up that says you have a critical update that must be installed
The first sign that your computer is about to be encrypted is a pop-up window that says something to the effect that there is a critical Microsoft update that must be installed to protect you from a virus or hardware problem. Many unsuspecting users will click on the pop-up to keep their computer running well. Once you click on the pop-up, the Ransomware goes to work and within minutes, all your files are encrypted and can’t be accessed. Once your files are encrypted, a text file or web page will be added to every folder on your computer with instructions of where to send your money to get the unlock key.
What do I do if I get this Ransomware infection?
Not to be the bearer of bad news, but the only way to get your files back (unlock the encryption) is to pay the hackers (they always request you pay in the new digital currently Bitcoin, to an anonymous overseas bank account), or have a really good backup of all your files. A really good backup means a professional-grade backup software program and ideally an off-site backup solution as many of these Ransomware variations can actually encrypt the backup files on a connected external hard drive (and some can even go through your network and encrypt your whole office and all your local backups). If you aren’t running a great local and off-site backup now, start working on it.
What is the best way to avoid getting a Ransomware infection?
85% of all viruses and malware are caused by human error – clicking on a pop-up advertisement on a website (“You’ve won 2 tickets to Las Vegas! Click here to get your tickets”) or clicking on a malicious link or attachment in an email (actually, the vast majority of malware comes through email links and attachments). You need to take a few seconds to ask yourself, before clicking on any link or attachments in an email: am I really expecting this email? Is my bank really asking me to click on a link to reset my password? Would one of my friends really be sending me an email with poor English throughout?, etc. Although nothing can prevent 100% of all malware, having a great anti-malware program (like Malwarebytes, Hitman Pro, etc.), local and off-site backup (look at Cryptonite or Mozy Pro if you don’t have off-site backup through your company office) and a few seconds of contemplation before clicking on something, can eliminate 95% of your risk.
About Accelera IT Solutions
Accelera IT Solutions is a Phoenix, Arizona-based provider of complete IT services and solutions including on-site support, remote support, data backup and replication (to our secure data center), consulting for HIPAA and PCI compliance, IT project management and cyber-security audits and planning. Accelera also specializes in hardware consulting and installation/setup of servers, workstation, laptops and desktops. Our goal is to show you how IT can be a profit center, not an expense. Contact Accelera at 623-266-4190 or at www.accelera.tech
