(NETTAVISEN / page3) Ransomware is the big buzz word in the security world currently.
There are cunning tab creation of high level and a new favorite among cyber criminals.
This is the type of digital blackmail that allows cybercriminals to gain anonymous paid directly from their victims. It is not a new type of “virus”, but has really taken off over the last couple of years.
Simple and effective
The way it works is pretty simple:
your computer is infected with malicious software that encrypts / unlocks all you have left of personal documents, music, pictures, videos and the like. You then get a message from the facilitators that they like to unlock your files again, if you pay a ransom.
If you do not pay, then stays files probably unavailable in perpetuity – unless you have backup another place.
Thus, many years of family photos, jobs and the like go keg unless you pay.
for individuals it is scary, for businesses it can be a matter of a being or not be. Earlier this year, had a hospital in the United States pay $ 17,000 to get back their electronic health records.
Attacker now Mac OS X
Now reports Paloalto Networks that for the first time have seen software also spread on Mac OS X.
Blackmail software was spread through an infected version of the popular program Transmission.
the new software named Kerang began to spread just before the weekend.
backers had managed to gain access to the websites of the popular free BitTorrent application Transmission. Anyone who downloaded the program from the official website were joined Kerang.
When Transmission was installed, also installed Kerang on your computer. This program had in fact a valid Apple developer certificate that made it got past Apple’s security systems.
Requires 3.500 million in ransom
After three days beginning Kerang encrypting 300 different file formats with an incredibly powerful encryption that is near impossible to crack.
to access the files again, requires perpetrators that you pay one Bitcoin – the equivalent of about 3500 kroner in writing – through an encrypted page.
backers seem to be as “customer oriented” that they have their own “customer Service” that helps payment and decryption if one should have problems.
backers includes help system for those who need help.
Paloalto Networks reports that the software seems to be in active development, and that the next step seems to be the software also tries to encrypt backup files from Time Machine.
Mac users have been largely spared from malware, but now these are also at risk.
yet stopped
the infected version of Transmission is now removed from the official Journal, and Apple has withdrawn the certificate that made it possible for Kerang to install itself.
Security Experts fear however that this is just the first taste Mac users are now so attractive that cybercriminals actively trying to attack them.
to reduce the risk
In Sunday’s attack against Mac users was the method of such a type that even professionals users could be fooled, since the software lurked in with popular software, and circumvented the security settings.
NorSIS following recommendations to guard against kidnapping software – and mitigate the consequences if the first should befall you:
- NorSIS recommend not to pay ransom to the criminals to get the password decrypts files
- Take regular backup.
- as the situation is today with this virus, is the easiest way to clean up the virus on to clean up the systems and rolling back a backup.
- have updated antivirus program
- Update all programs on your computer.
No comments:
Post a Comment