Ransomware: A Modern Day Threat to your Company’s Data


We have all heard about malware that can infect and corrupt your system, putting customer data and sensitive information at risk. However, ransomware isn’t quite as widely talked about as other forms of malicious software.

Ransomware is a type of malicious software that locks you out of your data until you pay the sum of money that the hacker has demanded. These fees can range from less than £20 to over £300, and sometimes into the thousands; it depends on the hacker. Different hackers may also demand different methods of payment: some may ask for bank transfers, cheques or even the bitcoin equivalent of the requested amount.

Like all other malware, new strains of ransomware are always being discovered, and firms have warned of the new strain named ‘Troldash’.

Once Troldash has infected a machine or device, it provides an email address with which the victim can contact the hackers. Natalia Kolesova, a Check Point researcher, remarks that, “While most ransom-trojan attackers try to hide themselves and avoid any direct contact, Troldash’s creators provide their victim with an email address.” Of course, this will not reveal the criminals’ actual identity, but it gives them a way of engaging victims to demand the amount and method of payment they want.

This new strain of ransomware is distributed via spam mail. As soon as the recipient has opened and downloaded the file, it encrypts files on the system before sending a set of ransom instructions to the victim. This is a good example of why it is important that your email spam and virus filters are working, and why you should avoid opening any email that comes into the spam folder unless you are completely sure that it is safe.

Once your files are encrypted, you can no longer access the data, and your only options are to lose the data or to contact the hackers to regain access.

However, Natalia Kolesova did find, after posing as a victim of Troldash, that the ransomware attackers are willing to barter when it comes to the amounts that they demand. It seems that one particular Russian hacker was compassionate when Natalia’s character, Olga, told them that she couldn’t afford their first monetary request. Natalia eventually managed to reduce the request by 50% of the original amount.

It is not just the Troldash strain of ransomware that is a problem for computer users worldwide. Cryptolocker, another form of ransomware that made an appearance in 2013, is estimated to have affected more than a quarter of a million computers across the world. Many victims of Cryptolocker reported that, even when they had paid the ransom fee, their files were still not decrypted for them. Of course, decryption is not guaranteed with Troldash either, but it does seem that the attackers are doing so currently, at least.

Unfortunately, it is difficult to avoid being sent any spam emails that could contain the Troldash bug, but you can avoid being infected with the malware. Obviously, sometimes harmless emails are redirected to your spam folder, so it is not always possible to avoid opening the folder altogether. If you do open your spam folder, for any reason, do not open any emails if you don’t recognise the sender’s email address or if the address is absent. Simply delete any emails such as these, and avoid clicking any links they contain at all costs.

If a client’s data ends up being encrypted, it may cost you a lot of money to regain access to it, or result in an embarrassing conversation with your client.
