Protect your computer against the return of two extremely dangerous ransomware strains
Ransomware has been around for only a few years, but it has spread everywhere, from large businesses and financial institutions to hospitals and individual users around the world, earning cybercriminals millions of dollars.
In the past few months, we have witnessed a series of frightening ransomware attacks, including WannaCry, Petya and LeakerLocker, that threw the internet world into confusion and forced many hospitals, telecommunications companies and banks to shut down temporarily.
Before WannaCry and Petya, the encrypting ransomware strains Mamba and Locky caused global chaos last year. The bad news is that they have now come back with new variants that cause greater damage than ever before.
Diablo6: New variant of Locky
First seen in 2016, Locky is one of the most widely distributed ransomware families, infecting organizations worldwide.
By tricking the victim into clicking on an attachment containing malicious code, Locky encrypts most file formats on the victim's computer and network, and does not unlock them until a Bitcoin ransom is paid to the attacker.
This ransomware has returned in many variants and is distributed through the Necurs and Dridex botnets.
Security researchers have discovered a new malware campaign distributing a new Locky variant named Diablo6 and targeting computers worldwide. An independent security researcher using the alias Racco42 first spotted the new Locky variant, which encrypts files on infected computers and appends the .diablo6 extension.
This ransomware variant arrives in an email containing a Microsoft Word file as an attachment. When the file is opened, a VBS downloader script is executed and tries to download Locky Diablo6 from a remote file server.
The ransomware then encrypts the files on the infected computer using an RSA-2048 key (AES CBC 256-bit encryption algorithm) before displaying a message instructing the victim to download and install the Tor browser and visit the attacker's website for instructions and payment. The Locky Diablo6 variant demands a ransom of 0.49 Bitcoin (more than $2,079) from the victim to retrieve the data.
Unfortunately, at present it is not possible to restore files encrypted with the .diablo6 extension, so users need to be cautious when opening email attachments.
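The chain described above leaves two signals a defender can watch for: Word launching a Windows script host, and a burst of files ending in .diablo6 on one machine. The following detection sketch is an added example, not part of the original article; the event format, field names, host names and burst threshold are assumptions, and the sample events are constructed.

```python
import ntpath
from collections import Counter

OFFICE_PARENTS = {"winword.exe"}                # the lure is a Word attachment
SCRIPT_HOSTS = {"wscript.exe", "cscript.exe"}   # Windows hosts that run VBS
ENCRYPTED_EXT = ".diablo6"                      # extension named in the article
BURST_THRESHOLD = 3                             # assumed cut-off, tune per site

# Constructed sample events, not real telemetry; the field names are assumptions.
SAMPLE_EVENTS = [
    {"type": "process", "host": "pc-01",
     "parent": r"C:\Office\WINWORD.EXE", "image": r"C:\Windows\System32\wscript.exe"},
    {"type": "file", "host": "pc-01", "path": r"C:\Users\a\Docs\report.diablo6"},
    {"type": "file", "host": "pc-01", "path": r"C:\Users\a\Docs\budget.DIABLO6"},
    {"type": "file", "host": "pc-01", "path": r"\\fs01\share\plan.diablo6"},
    {"type": "process", "host": "pc-02",
     "parent": r"C:\Windows\explorer.exe", "image": r"C:\Office\WINWORD.EXE"},
    {"type": "file", "host": "pc-02", "path": r"C:\Users\b\Docs\notes.docx"},
    {"type": "file", "host": "pc-03", "path": r"C:\Samples\one.diablo6"},
]


def exe_name(path):
    """Lower-cased file name of a Windows path, on any OS."""
    return ntpath.basename(path).lower()


def detect(events, threshold=BURST_THRESHOLD):
    """Return (host, rule) alerts in the order they fire."""
    alerts = []
    hits = Counter()  # .diablo6 files seen per host
    for ev in events:
        if ev["type"] == "process":
            if (exe_name(ev["parent"]) in OFFICE_PARENTS
                    and exe_name(ev["image"]) in SCRIPT_HOSTS):
                alerts.append((ev["host"], "word-spawned-script-host"))
        elif ev["type"] == "file" and ev["path"].lower().endswith(ENCRYPTED_EXT):
            hits[ev["host"]] += 1
            if hits[ev["host"]] == threshold:  # alert once per host
                alerts.append((ev["host"], "diablo6-file-burst"))
    return alerts


if __name__ == "__main__":
    for host, rule in detect(SAMPLE_EVENTS):
        print(f"ALERT {host}: {rule}")
```

A single .diablo6 file (pc-03 in the sample) stays below the threshold, so an isolated file does not raise the burst alert.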
The return of Mamba ransomware
Mamba is another type of ransomware that is equally powerful and dangerous. Instead of encrypting individual files, it encrypts the entire hard drive of the infected computer, leaving the system unusable unless the ransom is paid.
Late last year, Mamba attacked the San Francisco City Transportation Agency (MUNI) network over the Thanksgiving weekend, causing major delays for trains and forcing authorities to temporarily turn off ticket machines and ticket collection gates at some stations.
Kaspersky Lab security researchers have now discovered a new campaign distributing Mamba infections, targeting networks in countries such as Brazil and Saudi Arabia.
Mamba uses a legitimate open source Windows encryption utility called DiskCryptor to completely lock the hard drives of targeted organizations. Because of the extremely strong encryption algorithms DiskCryptor uses, there is no way to decrypt the data.
The message displayed on the infected computer's screen states that the victim's hard drive has been encrypted and provides two unique email addresses and ID numbers for unlocking it.
How to protect your computer from ransomware attacks
Ransomware has become one of the biggest threats not only to individuals but also to businesses.
Currently, there are no decryptors available to unlock data encrypted by Mamba and Locky, so users should follow the precautions below to protect themselves.
Be careful with phishing emails: Always be alert to unsolicited emails and never click on links within those emails unless the source is verified.
Back up data regularly: To keep a tight grip on important files and documents, back up your data regularly and store it on an external device separate from your computer.
Always keep your antivirus software and system up to date: This is also one of the most useful ways to protect your computer from ransomware infection.