A military-grade cipher algorithm is utilized to encrypt the information

Sep 14, 2012 13:41 GMT

Not all ransomware locks up your computer screen and holds it for ransom. The more clever versions take over all your files, encrypt them, and ask you to pay up if you ever want to see them again.

We’ve covered ransomware attacks from all over the world, trying to educate users on how to avoid falling victim to such scams. Authorities have issued numerous warnings in an attempt to slow down the threat.

However, since raising awareness is not as easy as it sounds, and since the police have little success in apprehending those who launch such campaigns, cybercriminals can take their time to improve their creations.

Sophos experts have found a piece of ransomware that scans a victim’s computer for over 110 file types (including .doc, .jpg, and .pdf), encrypts them, and renames them all with a .BLOCKAGE extension.

Once the files are encrypted, the malware sends a copy of a serial key to its command and control server.

According to the researchers, the encryption is truly strong because a unique key is randomly generated each time. The files are encrypted using an AES-256 cipher algorithm, which makes it impossible to recover the files without the key.

But, apparently, this is the only sophisticated thing about this particular malware, the rest of it being poorly coded by what appears to be an amateur developer.

This is not the first time we have heard of such ransomware. A few months ago, Bitdefender experts highlighted the fact that it’s much more difficult to clean up after such malware because the encryption is usually strong.

The malware itself can be removed, but the problem is that the encrypted files might be lost forever.

On the other hand, no matter what type of ransomware you run into, the advice is the same: don’t pay the crooks since there’s no guarantee that they will free your computer/files.