Awareness Is the Key to Preventing Ransomware Attacks

  Vivek       February 8, 2021

"Malware attack" is a familiar term for everybody with access to the Internet. Countless times, we have been attacked by different kinds of malware such as viruses, worms, Trojans, ransomware, etc. Ransomware is malware that uses cryptoviral extortion: it encrypts the victim's files, making them inaccessible, and demands a ransom to restore access. In recent times there have been repeated ransomware attacks all over the world.


About the Virus


Name: ReadInstructions virus.

Type: Ransomware, crypto virus, file locker.

Encrypted file extension: ReadInstructions, .READ INSTRUCTIONS

Ransom note: Recovery_Instructions.html, INSTRUCTIONS.html

Symptoms: All your important files and data are locked and cannot be opened without a private key.

Distribution: Spam, executable files, RDP, file sharing, etc.

Damage: Causes permanent data loss and may also allow other malicious infections onto the compromised device.
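The ransom-note names and encrypted-file extension in the profile above can be used for a quick triage sweep of a file share. The following Python sketch is an added example, not part of the original article; the function names and the sample folder layout are constructed for illustration, and the indicators are matched case-insensitively exactly as the profile lists them.

```python
import os
import tempfile
from collections import Counter

# Indicators copied from the profile above, compared case-insensitively.
RANSOM_NOTES = {"recovery_instructions.html", "instructions.html"}
ENCRYPTED_SUFFIXES = (".readinstructions", ".read instructions")


def classify(filename):
    """Return 'note', 'encrypted' or None for a single file name."""
    name = filename.lower()
    if name in RANSOM_NOTES:
        return "note"
    if name.endswith(ENCRYPTED_SUFFIXES):
        return "encrypted"
    return None


def scan(root):
    """Walk root and return {directory: Counter(note=..., encrypted=...)}."""
    hits = {}
    for dirpath, _dirs, files in os.walk(root):
        counts = Counter(filter(None, map(classify, files)))
        if counts:
            hits[dirpath] = counts
    return hits


def affected_dirs(hits):
    """Directories holding both a ransom note and encrypted files:
    the strongest sign that encryption actually ran there."""
    return sorted(d for d, c in hits.items() if c["note"] and c["encrypted"])


def build_sample_tree(root):
    """Constructed sample data: one affected folder, one clean folder."""
    layout = {
        "finance": ["q1.xlsx.ReadInstructions", "Recovery_Instructions.html"],
        "docs": ["INSTRUCTIONS.txt", "manual.pdf"],
    }
    for folder, names in layout.items():
        os.makedirs(os.path.join(root, folder))
        for n in names:
            open(os.path.join(root, folder, n), "w").close()


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for d in affected_dirs(scan(tmp)):
            print("possible ReadInstructions activity:", d)
```

A file named INSTRUCTIONS.html on its own is common and harmless, which is why `affected_dirs` only reports folders where a note sits next to files carrying the encrypted extension.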


How does Ransomware Infect?


Malicious content (ransomware and other malware) is spread mainly by Trojan horses, spam campaigns, illegal activation tools ("cracking"), fake updates, and unreliable download channels. A Trojan is malware that can cause chain infections (i.e., downloading/installing additional malware).


Widespread spam campaigns are used to send misleading e-mails containing dangerous files (or links to them). These messages are often presented as "official", "significant", "urgent" and so forth. Attachments come in a variety of formats (for example, archive and executable files, Microsoft Office and PDF documents, JavaScript, etc.). The infection begins once these files are accessed or opened.


Instead of activating licensed products, illegal activation tools ("cracks") may download/install malware. Fake updates infect systems by exploiting vulnerabilities in outdated software or by simply installing malware rather than updates.


Unreliable download sources such as unofficial and free file hosting sites, P2P sharing networks (BitTorrent, eMule, Gnutella, etc.), and other third-party downloaders offer malicious content for download (e.g., disguised as regular programs and/or packaged with them).


How Does Ransomware Spread?


Spam e-mail campaigns.


Fake updates


Torrent sites


Unprotected RDP and file sharing using shared folders.


How to protect yourself from ransomware infections?


Do not open suspicious or irrelevant emails, especially incoming emails from unknown senders. Attachments (and links) found in a suspect mail should not be opened, as they are a potential source of system infection. Disregard suspicious e-mails which include attachments such as .html, .doc, .pdf, etc., or links that might lead to ransomware.


Use only official and verified download channels.


Scan all unknown executables, or block *.exe and *.bat files if they are not required.


Do not open any ad links in web browsers or emails unless you know they are authentic.


Use a reputable antivirus program and keep it up to date.


Schedule a regular backup of your critical servers and data to an external drive isolated from the network.


Finding a permanent solution to this kind of malware attack is a topic of long debate. Developing awareness about online security is the only possible way of handling these issues for the time being.