Information security researchers have detected a new malware threat deployed by malicious hackers days before the start of the holiday shopping season. The threat has been identified as a ransomware attack called Scarab, and it is being distributed by means of a massive botnet known as Necurs, which is sending out phishing emails at a very fast rate.
[su_note note_color=”#F4f4f4″]In just a few hours, the botnet delivered millions of email messages that contain a scanned document as an attachment. The content of the email instructs recipients to extract the zipped document so that it can be evaluated; in some cases, the attachment is purported to be a receipt for a recent online purchase. In reality, the attachment is a Trojan that downloads a Visual Basic script and executes the Scarab ransomware.[/su_note]
Symptoms of Malware & Ransomware Infection
Computers infected with this ransomware will display a message explaining that the files have been encrypted and hijacked. Once encrypted, users will be locked out of their files unless they pay a ransom and receive a key from the hackers to remove the encryption. As has been the case with previous ransomware attacks, the hackers offer an incentive: affected users who get in touch with the attackers soon after they see the message will pay less than those who take their time; however, the ransom amount appears to be negotiable.
One variant of this attack features subject lines such as “Scanned from Epson” or “Scanned from Lexmark,” which is a standard subject line used by popular scanners connected to office networks for the purpose of delivering imaged documents via email. What this subject line suggests is that hackers are expecting to trick business users who routinely use network printers, copiers, and scanners.
[su_note note_color=”#F4f4f4″]The fingerprint of this malware is being updated by antivirus software providers; as usual, A Plus Computers in Apple Valley recommends that computer users in the High Desert ensure that their antivirus definition files are up to date. Furthermore, computer users should keep in mind that malware and phishing attacks tend to intensify during the holiday season since this is when online shopping tends to be more active.[/su_note]
The best security measure to protect against ransomware attacks is to constantly backup files. Should your hard drive be encrypted maliciously, you can always reformat, reinstall the operating system and restore your information without having to make ransom payments. To learn more about protecting your computer against malware, contact our information security specialists.
