New Cryptomix Variant, Works!

April 18, 2018 | Views: 1392


New Cryptomix variant and extension [.WORK]

Ransomware in general relies on the same distribution method: conventional spam email. Spreading by email remains effective because many people are still easily deceived by email tricks, which is why cybercriminals keep repeating the same method.

Changes in the WORK Cryptomix Ransomware:

While the encryption method remains the same in this variant, there are some minor differences. Ransom notes are still named _HELP_INSTRUCTION.TXT, but now list worknow@keemail.me, worknow@protonmail.com, worknow8@yandex.com, worknow9@yandex.com, and worknow@techie.com as the email addresses victims can contact for payment information.

The next visible change is the extension added to encrypted files. With this version, when the ransomware encrypts a file, it renames the file and then appends the .WORK extension to the new name. For example, a test file encrypted by this variant ended up with the file name 0D0A516824060636C21EC8BC280FEA12.WORK.
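The indicators above (note name, .WORK extension, contact addresses) are enough to scope which folders were hit before restoring from backup. The following triage scanner is an added example, not part of the original article; the 32-hex-character name pattern is an assumption generalized from the single file name shown, and the sample tree and the function names are constructed for illustration.

```python
import os
import re
import tempfile

# Indicators taken from the article text.
NOTE_NAME = "_HELP_INSTRUCTION.TXT"
CONTACTS = {"worknow@keemail.me", "worknow@protonmail.com", "worknow8@yandex.com",
            "worknow9@yandex.com", "worknow@techie.com"}
# Assumption: renamed files all look like the article's one example,
# 32 hexadecimal characters followed by .WORK.
RENAMED = re.compile(r"^[0-9A-F]{32}\.WORK$", re.IGNORECASE)

def triage(root):
    """Return {relative_dir: summary} for every directory showing an indicator."""
    report = {}
    for dirpath, _dirs, files in os.walk(root):
        entry = {"encrypted": 0, "other": 0, "note": False, "contacts": set()}
        for name in files:
            if name.upper() == NOTE_NAME:
                entry["note"] = True
                # Read a bounded amount; the note is a small text file.
                with open(os.path.join(dirpath, name), errors="replace") as fh:
                    text = fh.read(65536).lower()
                entry["contacts"] = {c for c in CONTACTS if c in text}
            elif RENAMED.match(name):
                entry["encrypted"] += 1
            else:
                entry["other"] += 1  # files not (yet) renamed: candidates to preserve
        if entry["note"] or entry["encrypted"]:
            report[os.path.relpath(dirpath, root)] = entry
    return report

def build_sample(root):
    """Constructed sample tree: one affected folder and one clean folder."""
    hit = os.path.join(root, "shared", "finance")
    clean = os.path.join(root, "shared", "public")
    os.makedirs(hit)
    os.makedirs(clean)
    for name in ("0D0A516824060636C21EC8BC280FEA12.WORK", "A" * 32 + ".WORK", "budget.xlsx"):
        open(os.path.join(hit, name), "wb").close()
    with open(os.path.join(hit, NOTE_NAME), "w") as fh:
        fh.write("constructed note text: write to worknow@keemail.me\n")
    open(os.path.join(clean, "readme.txt"), "wb").close()

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        for folder, info in sorted(triage(tmp).items()):
            print(folder, info)
```

Run it read-only against a mounted copy or snapshot of the affected share so the scan itself does not alter file timestamps needed for later forensics.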

Protecting Yourself:

To protect yourself from ransomware, it is important to practice good computing habits and use security software. First and foremost, users must always have a reliable, tested data backup that can be restored in an emergency, such as a ransomware attack.

  • Users should also have security software that incorporates behavioral detection to fight ransomware, not just signature or heuristic detection. For example, ESET, with its complete technology, uses behavior detection to catch malware and prevent ransomware infections from encrypting the computer.
  • Back up data regularly and keep backup copies in different places. Then encrypt your backups so you need not worry if the backup device falls into the wrong hands.
  • Do not open an attachment if you do not know who sent it. Do not open the attachment until you confirm that the person actually sent it to you.
  • Scan attachments with ESET Mail Security.
  • Regularly patch and upgrade the operating system and applications. The faster patches and fixes are applied, the fewer open holes cybercriminals can exploit.
  • Update antivirus software online and on a schedule; make sure you get the latest updates from the antivirus manufacturer to handle outstanding malware.
  • Also make sure to update all programs, especially Java, Flash, and Adobe Reader. Older programs contain security vulnerabilities that are commonly exploited by malware distributors. Therefore, it is important to update them.
  • For companies, use a business-edition antivirus with a centralized management and updating system to simplify management and handling. Make sure the management and update system can be installed on the Linux Server operating system to reduce the possibility of infection.
  • Make sure the security software you have installed uses behavioral detection technology.
  • Use strong passwords and never reuse the same password on multiple sites.
  • Perform in-depth scans of computers via an antivirus management system.
  • Ensure that all configuration convergences are optimally set.
  • Make sure that no unauthorized antivirus foreign computer is on the network.