Any user should know how to avoid ransomware attacks as they are, in fact, malware attacks that encrypt victim’s files. Then, the attackers ask victims to pay a ransom, in order to decrypt them. Usually they ask for huge amounts of money in cryptocurrency. Recently, RagnarLocker group, well known for their care in selecting targets, has decided to adopt innovative attack vectors.
RagnarLocker‘s operators started running Oracle virtual box, in May, in order to avoid detection and start internet attacks for money. In fact, it is the first time the group abuses virtual machines for attacks.
They used victim’s Windows XP virtual machine to hide. First, in order to be able to do this, the ransomware downloads and installs Oracle VirtualBox. The it configures it in order to gain full access to all the drives. This way, the virtual machine can interact with all the files outside its storage.
Afterwards, VirtualBox app uses encrypted versions of the files from both the local system and shared drives to replace the original ones. The attackers do this wisely, as the changes are undetectable for the antivirus solutions.
In their previous attacks, the operators used botnets, email spam with malicious attachments, fake updates, infected installers etc.
Usually, attackers come to ask for money as ransom, after they manage to encrypt sensitive files on the victims’ computers. But, in order to achieve this, there is a more complicated mechanism behind, which uses malware.
Usually, they send an email to victims, in order to convince them download an attachment or a file. Once they download or open the file, the malware installs on the system and encrypts important files. Users can not decrypt those files without the decryption key, which is only in the attacker’s hands.
Sometimes, hackers try to get access to sensitive information, be it pictures, movies, docs or PDFs. Then, they ask for a ransom, in order to prevent leaking these online.
Although it might look scary, users can avoid ransomware attacks by following a few simple rules. One of the most important is to always keep the system and the antivirus solution up to date. Secondly: only install software from trusted sources. Thirdly: regularly backup the most important files on the computer, to prevent data loss. Of course, using a whitelisting app might be of huge help for any user.
Its digital advertising practices continue to bring troubles for Google. Two separate cases will go to court in the UK…
WPP, Delta Airlines, Kellogg and Mindshare take the issue of advertising discrimination seriously, in order to combat bias in digital…
Ad fraud has become a very big issue for both users and the advertising agencies. Different forms of it might…
The Facebook lead architect of the ad-based business model leaves the company. Let's see how her move could affect company's…
A new Meta privacy policy comes soon for the company's platforms. Users would be notified of the updates about how…
As its “customers don't like ads,” Evite, an American online party planner, decided to just close its advertising business, while…
View Comments