The security researchers at Emsisoft have got a good write-up of Ransom32, a newly-discovered piece of ransomware.
Ransomware, of course, is nothing new. For some time computer users have been plagued with malware which encrypts their files or blocks access to devices, with demands that X number of bitcoin be paid for their release.
Ransom32 is not even different because it is “ransomware-as-a-service”, online software that effectively puts the power to create ransomware into the hands of just about anyone – regardless of their technical know-how – if they are prepared to pay the price. Sadly, ransomware-as-a-service is nothing new.
By turning their ransomware into a sellable service, the criminals behind Ransom32 are providing an opportunity for other hackers to easily launch attacks that will encrypt users documents, personal photographs, movies and more… and then demand payment via anonymous Bitcoin to ensure the safe return of the otherwise unrecoverable data.
In other words, rather than build their own infrastructure, attackers can let Ransom32 do all the heavy lifting for them.
Showing entrepreneurial spirit, the creators of Ransom32 skim off 25% of any money successfully extorted for themselves.
Presently the attack appears to have been distributed via email, so once again users are advised to exercise great caution over what they run on their computers – especially if it arrives via unsolicited email.
Of course, it’s always sensible to ensure that you have backups of your important data – so that if the worst should happen you can recover without having to pay any money to the extortionists.
As is often the case, the oldest rules of safe computing are often the wisest. Back up your important data, as it’s better to be safe than sorry. I believe that online extortion will be a growing problem in 2016, so take steps to minimise the risks now.
Learn more about Ransom32 on the Emsisoft blog.