If you follow what’s going on in the tech world, you might heard or come across with a new global threat in a form of a virus known as Ransomware. While it was not actually quite new, this type of virus really has a great impact to users who were affected either individual or worst, to an organization.
What is ransomware?
So, what is this ransomware anyway? Ransomware is a type of virus which, when executed, will encrypt all documents in an infected computer, be it words, excels, pdfs, and event image files. it will then defaced the infected PC’s wallpaper, normally with a black background and a message informing that the user’s documents have been encrypted, and time frame is given to the user to get back the encrypted file with a decryption key. To get this key, the user will need to pay a sum of money, like a ransom, normally in bitcoin currency. If the user failed to pay after a period of time, the ransom will doubled up and will make it more expensive to pay.
It is quite impossible cure or clean this virus since the files were encrypted, and there is no way for you to crack the encryption. There are cases where infected user paid the ransom, but still unable to get back the file because they never get the decryption code.
What is ransomware attack?
You might be wondering, how does ransomware get on your computer? The most common way the file is distributed is via an attachment in emails. For example, what seems to be an email from your CEO, or emails with “invoice” in it’s attachment, it surely will be opened by at least by one of the employee, open the attachment, and then, all documents on the infected computer will be encrypted.
Click to enlarge
As you can see in the example above, emails were received via a sender, which probably had already being cloned, requesting for a quotation.
The hacker took their time to write a very convincing emails, with detailed information items requested, like what a normal purchasing officer might request. The email also includes two attachments, one as a PDF and another one was compressed in RAR format.
Click to enlarge
When we checked deeper the contents of the email, especially the attachment, you can see that the RAR file contains an EXE file. Now, why would you want to send an executable file, in an email attachment, which is requesting for a quotation? That is why most email filtering will flagged emails which contains an EXE file in it’s attachments. Some how rather, it might find it’s way through the filtering process and reached your mailbox. That is why you have to be extra careful when opening an email, especially which contains an attachment.
How to stop ransomware?
While to date, there are lots of ransomware variants which are spreading in the world wide web, it is quite hard to find an effective cure or solution that can clean or fixed the infected ransomware file. However, you can try to check out this website at https://howtoremove.guide/how-to-decrypt-ransomware/ which might help you to tackle or decrypt infected ransomware files. If you are one of the victims, and happens to found this website, you can try out the solutions that was suggested and share with us whether it works or not.
“Prevention is better than cure”. This is true, it is better to prevent than it is to cure. Here’s what you should do to protect yourself from becoming one of the victims;
– Make sure your computer is protected with a good antivirus
– Always update your virus definition
– Make sure your Windows is up-to-date with the latest patch or updates.
– Do not open any email attachment that might contains malicious files, for example “.exe” file.
– If the attachment contains a compressed file, such as ZIP or RAR, always save it first on your desktop. DO NOT directly open the file. Do a virus scan first, then extract the files.
Let us be safe, let your computer end up to be like this.