We here at Coinhako have come across a news article which provided some alarming statistics – in the past year alone, there have been 17 incidents of Ransomware in Singapore, up from just two in 2015! This points to a rather worrisome trend of a new type of malware that has hit our shores – one that certainly can have more devastating effects than most viruses and adware.


What is Ransomware?

Just as malicious as its name suggests, Ransomware is a form of malware that installs itself on your computer undetected, and encrypts all the files you have, demanding a ransom for you to unlock your files – this can be anywhere from 10USD** to 500USD**. Ransomware hackers typically ask for payment to be made in bitcoin – that way, you have no way of recovering your money.

Source: Heimdall Security

If you refuse to pay, the hackers will delete all your files – and unless you have it all backed up somewhere, you may never see those files again! They could also encrypt your files, and it may be a long and extremely difficult process to recover them. The files you stand to lose in the process could be something as priceless and sentimental as your photo collection, to your important work documents – it may all be gone once you see that ransom message on your screen – that is, unless you pay the hefty fee.

The earliest known version of ransomware was documented in 1989, when computers were infected via floppy disks given out at an AIDS conference organised by the World Health Organisation – aptly named the AIDS trojan, victims paid for the ransoms with money mailed to a P.O Box in Panama! Ransomware has evolved rapidly since then, but the truly significant moment came in 2013, when malware program CryptoLocker started spreading via email attachments, and many Ransomware strains now ask for payment to be made in Bitcoin.

A particularly important reason why we have been seeing a recent increase in the incidents of Ransomware can be due to the creation of different strains & variants, some of which can target other operating systems (besides Windows) such as LinuxMac OSX, and even smartphone OS Android. A rise in the use of Bitcoin can also be argued to be a catalyst in the rise of Bitcoin, since BTC transactions are irreversible once logged in the blockchain. Therefore, it is pertinent that all users be aware of the very real threat of ransomware, and learn how to prevent and spot signs of it.


Recognising & Preventing Ransomware – 6 Steps

1. Always back your storage up.

This is the most important point. If you were to keep a backup of every file you have stored, Ransomware would pose a much more diminished threat (that is, unless you encounter a variant such as Chimera, which would threaten to publish all your sensitive information online). It is important to always make backups on an external hard disk – making regular backups also provide far more benefits than just protection against Ransomware – it is also effective in preventing loss of data in cases of theft, corruption, or accidental deletion.

2. Be wary of all attachments from unfamiliar email addresses.

Ransomware has clever ways of disguising itself to look legitimate – even if you get emails from authoritative or official-looking addresses, always think twice before opening the attachments. Carefully inspect the contents of the email, the subject line, and sender address to spot any inconsistencies.

One example of how craftilyy malware can be unknowingly downloaded is when attachments have hidden file extensions – hackers may try to disguise their .EXE or .ZIP files by adding an innocous-looking fake extension to the end of the file name (such as .MP3 or .PDF). They may also disguise such files with icons that look like MP3, PDF, or DOC files, to trick you into thinking that there are no risks. You can prevent this by making sure your mail provider filters all .EXE and .ZIP files.

3. Be wary of suspicious free downloads on the internet

As was mentioned above, be very wary of downloading files online – especially if they are .EXE or .ZIP files. Always make sure you download files from trusted sources only.

4. Use trusted, reliable antivirus software.

Make sure to use antivirus software that is frequently updated, and scans in real-time for threats to your system.

Recommended software for defending against malicious attacks include Avast, MalwareBytes, and Emsisoft Antimalware.

5. Keep your software patched and up-to-date.

Make sure you regularly patch and update the Operating System and software on your computer to prevent any security loopholes. Out-of-date software is much more easily compromised.

6. Use an ad-blocker on your browser, and turn off plugins like Adobe Flash.

Malicious pop-up ads on the internet can put you at risk of a Ransomware attack when you click on them, and even users of Adobe Flash have been subject to Ransomware infections. Make sure you block pop-ups, especially on suspicious sites that you do not trust, and turn off any plugins that you are not using.

Conclusion

If all else fails, and you find your data and files held hostage, please contact the local authorities or the Singapore Computer Emergency Response Team (SingCERT). The information we have provided in this article are simple, easy-to-follow guidelines, but you still have to do your due dilligence.

For more information and assistance on Ransomware, please email us at consult@coinhako.com