Regular readers of this site are aware that virtually all downloads I recommend are hosted on CNET’s site (download.com). There is good reason for this – CNET scrupulously audits hosted downloads to ensure they are not contaminated by malware.
The same cannot be said for many other download sites. As a result, downloading can be extremely risky, especially for unaware users.
Ransomware is a particularly vicious form of malware which often piggybacks on what appears to be legitimate software. In most instances ransomware encrypts the victim’s files, after which the cyber-criminal demands a ransom to decrypt the kidnapped files.
Security researchers at CA, one of the world’s largest IT management software providers, have discovered a new piece of ransomware that blocks an infected computer from connecting to the Internet. On payment of a fee (to be paid by SMS), the victim’s machine will be unlocked.
This new piece of ransomware uses the uFast Download Manager application download as an entry point to infect victims’ computers. Following installation, the victim is presented with the following screen:
(Graphic courtesy of CA)
The following is a rough English translation:
Internet access is blocked due to violation of the license agreement schedules of uFast Download Manager
You must activate your copy
Get a registration code by sending an SMS with the following code fw0004199 to number 7122
In response you will receive an activation message.
Enter the activation message received from the SMS response ________
Don’t relax your guard simply because this malware seems to be currently focused on Russia. This type of attack knows no borders. Ransomware attacks seem to be escalating.
If you should become infected by this Trojan, your best course of action, assuming your installed malware scanners cannot remove the infection, is to take advantage of the multiple online scanners offered by the major anti-malware software developers.
For a review and list of online malware scanners please read “Free Online Spyware/Virus Scanners – Multiply Your Protection”, on this site.
Note: Download managers are one of the most popular applications offered for download on the Internet, as the following graphic of a Google search indicates – 24,600,000 returned links.
The browser security application WOT indicates that, on this page, half of these links are unsafe or require caution.
Regular readers are familiar with the following security precautions – but they bear repeating.
Make regular backups of critical data. If you are infected, this may be your only solution.
Don’t store critical data on the system partition
Don’t open unknown email attachments
Download ONLY from well-established sites, or sites that are known to you
Don’t run programs of unknown origin
Disable hidden filename extensions
Keep all applications (including your operating system) patched
Turn off your computer or disconnect from the network when not in use
Disable scripting features in email programs
Make a boot disk in case your computer is damaged or compromised
Turn off file and printer sharing on the computer
Install a personal firewall on the computer
Install anti-virus/anti-spyware software and ensure it is configured to automatically update when you are connected to the Internet
Ensure your anti-virus software scans all e-mail attachments