Ransomware attacks on the rise

By on
Ransomware attacks on the rise

Your copy of Windows is fake!

An increase in ‘ransomware' attacks has been detected over the past few months.

One recent attack was a fake warning from Microsoft claiming it had detected a pirated version of Windows and the user had to pay a fine or be reported to the police.

Other messages purported to be from law enforcement agencies.

“While we are used to seeing this kind of fake message in English, in this case the attacks are localised," PandaLabs technical director Luis Corrons.

"We have seen English, German, Spanish and Dutch [messages], depending on the targeted country. All of the attacks are targeting some European country, so it looks like they are related and the same cyber criminal gang could be behind them.”

Once their computer is infected, the user is informed that they have accessed illegal material (such as child pornography) and that the computer will be locked to prevent further abuse; to unlock their computer, they have to pay a 'fine'.

“The worst thing for the user is that it actually blocks the computer, so it is not easy to remove. To do it, restart the computer in safe mode and run a scan with an anti-virus solution that is able to detect it,” Corrons said.

Corrons said the infections were distributed using different exploits via drive-by-download techniques, rather than by targeting people.

“However, once you are infected the file connects to a certain URL and, based on the victim's IP address, it will retrieve the localised version of the message that will appear in the computer,” he said.

Asked how best to avoid or deal with infection, Corrons recommended having software updated, starting with Java and Acrobat Reader, and using anti-virus software.

This article originally appeared at scmagazineuk.com

Copyright © SC Magazine, US edition

Most Read Articles

Log In

|  Forgot your password?