New Ransomware Steals Passwords
A new variation of Ransomware is stealing your passwords – before locking down your files for ransom.
ALERT: This New Ransomware Steals Passwords Before Encrypting Files Thursday, December 03, 2015 Swati Khandelwal
The First Payload infects the victim’s PC with a widely used data thief exploit known as Pony that systematically harvests all login usernames and passwords stored on the infected system and then sends them to servers controlled by hackers.
This allows attackers to obtain working logins for a number of websites, e-commerce sites, and even corporate applications, from which the hackers could steal more data.
The Second Payload drops the widely-used CryptoWall 4.0 Ransomware that locks user files until a ransom amount is paid.
Prevention is the Best Practice
As I previously recommended, one of the best defense measures to mitigate the Ransomware attack is to:
1. Keep your systems and apps up-to-date
2. Create awareness within the organizations
3. Maintain backups of your files on an external hard drive regularly
Most malware and viruses are introduced by clicking on links usually contained in spam emails and opening attachments from unknown sources.
So, DO NOT CLICK on any suspicious link provided in the emails and attachments from unknown sources.
How to Prevent & Avoid Ransomware
You protect yourself from ransomware exactly like you protect yourself from all viruses and malware.
1. You should have a firewall. A router is probably good enough and an additional software firewall is fine if you’re paranoid. Turning on the Windows 7 firewall these days is usually enough.
2. Run up-to-date anti-malware tools. I happen to recommend Microsoft Security Essentials, but there are many, many others. Make sure that they are running and up-to-date.
3. Keep your system and software up-to-date.
4. And of course the usual advice applies: don’t download random things from the internet; don’t open attachments that you aren’t completely certain are valid and correct. The most recent and virulent ransomware seems to arrive most often in the form of an email attachment.
Basically, do all the things you should already be doing to keep yourself safe on the internet. In fact, that’s the article that I’m going to point you at (“Internet Safety: 8 Steps to Keeping Your Computer Safe on the Internet“) because that’s really all this boils down to doing.
This happens to be just one style of threat – a particularly nasty one – but one that you protect yourself from it in the exact same way that you protect yourself from all other styles of attack… all other styles of malware.