This new ransomware can be deadly for your most precious files – here is how you can remain protected
- Security researchers claim that Anubis ransomware adds a file wiper
- The wiper reduces all files to 0 kB, and destroys them irreversibly
- This can be an extra pressure point during the negotiations
Anubis, a relatively new ransomware-as-a-service (RaaS) operation, has added a new function to its encryptor that irreversibly destroys all encrypted files on the compromised system.
Cybersecurity researchers at Trend Micro have published a new in-depth report on the operation, which shows that the group is currently working on adding new functions to the encryptor, including the file wiper.
“What further distinguishes Anubis from other RaaS and gives its activities an edge is the use of a file-wiping function, designed to sabotage recovery efforts, even after encryption,” said Trend Micro. “This destructive tendency adds pressure on victims and raises the stakes of an already harmful attack.”
Putting the victims under pressure
When the threat actors activate the function, the wiper erases the contents of the files and reduces their size to 0 kB. The file names and the structure remain intact, but it is impossible to restore the files.
The best way to remain protected is, of course, to tighten security and minimize the chances of a ransomware infection. Out of an abundance of caution, however, companies must have a separate, possibly air-gapped backup, with which they can safely restore the files.
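An added example (not from the original article or from Trend Micro's report): because the wiper described above leaves file names and folder structure intact and only drops sizes to 0 kB, a defender can compare a stored size baseline against the live tree and flag files that had content and are now empty. The function names, thresholds and sample files are assumptions constructed for illustration, and the baseline is assumed to be kept off the monitored host.

```python
import os
import tempfile

def snapshot_sizes(root):
    """Map each file path (relative to root, '/'-separated) to its size in bytes."""
    sizes = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            try:
                rel = os.path.relpath(full, root).replace(os.sep, "/")
                sizes[rel] = os.lstat(full).st_size
            except OSError:
                continue  # file vanished or is unreadable; skip it
    return sizes

def find_wiped(baseline, current):
    """Files that had content in the baseline and still exist, but are now 0 bytes."""
    return sorted(p for p, old in baseline.items() if old > 0 and current.get(p) == 0)

def wipe_alert(baseline, current, min_files=3, min_ratio=0.2):
    """Return (alert, wiped). Thresholds are hypothetical defaults, tune per share."""
    wiped = find_wiped(baseline, current)
    nonempty = sum(1 for size in baseline.values() if size > 0)
    ratio = len(wiped) / nonempty if nonempty else 0.0
    return (len(wiped) >= min_files and ratio >= min_ratio), wiped

def demo():
    """Constructed sample tree: four files with content, one legitimately empty log."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "finance"))
        names = ["finance/q1.xlsx", "finance/q2.xlsx", "notes.txt", "plan.docx", "empty.log"]
        for n in names:
            with open(os.path.join(root, n), "wb") as fh:
                fh.write(b"" if n == "empty.log" else b"constructed sample data")
        baseline = snapshot_sizes(root)
        # Reproduce the symptom from the article: size 0, name and location unchanged.
        for n in names[:3]:
            open(os.path.join(root, n), "wb").close()
        return wipe_alert(baseline, snapshot_sizes(root))

if __name__ == "__main__":
    alert, wiped = demo()
    print("ALERT" if alert else "ok", wiped)
```

Files that were already empty in the baseline and files that were deleted outright are not counted, so the alert tracks the specific "name kept, content gone" pattern.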
Customarily, ransomware actors would exfiltrate sensitive files from the IT infrastructure of their target and then encrypt the systems.
They would then demand money, usually in Bitcoin, in exchange for the decryption key that returns the victims' access to their locked files. Because many companies refuse to pay the ransom and instead keep an up-to-date backup that can be restored in the event of an attack, the hackers began stealing files and threatening to release them to the public.
Releasing sensitive files is in many cases more disruptive than encryption, because it can lead to class-action lawsuits, fines from data watchdogs, loss of credibility among customers and partners, and loss of competitive advantage after IP leaks.
In addition to the file wiper, which is definitely a big threat, ransomware actors sometimes also launch DDoS attacks to put pressure on both the front end and the back end of the company. In some cases they would also call the victims on the phone in an attempt to get them to pay the ransom.