Cybercrime rings: Gameover Zeus
Authored by a Symantec employee
The fight against malware is more than a little like an arms race. Just as the good guys come up with “foolproof” ways to beat the bad guys, the bad guys come up with new ways to achieve the same ends. In fact, a lot of what the good guys are doing is playing whack-a-mole with the bad guys. The bad guys are, for the most part, the innovators. The good guys are doing all they can to stop emerging threats. Case in point: ransomware, an aggressive form of malware. Symantec was able to work with the FBI and the UK’s National Crime Agency to shut down the Cryptolocker ransomware gang, but don’t think that means there won’t be ransomware threats of a similar nature in the future.
What Is Ransomware?
Ransomware is a kind of malware designed to hold your files hostage by encrypting them and demanding a "ransom" to get them back. In the case of Cryptolocker, the malware would encrypt files on your entire hard drive, then demand payment to decrypt them. In all, it’s estimated that 3 percent of all infected victims paid the ransom, which means that the criminals overseeing the enterprise earned tens of millions off of this form of malware alone.
How Does Ransomware Infect Your Machine?
One of the most common forms of transmission for ransomware is phishing emails. You get an email that uses social engineering in an attempt to get you to open a file. Many times this might be the promise of a prize or some kind of information about yourself.
Once you open the file, however, the ransomware Trojan is loaded onto your computer. Once that happens, the file installs a program that phones home and begins encrypting all of your files. If you ever want to see them again, you have to pay the piper.
How to Protect Yourself Against Ransomware
There are a few simple ways to protect yourself against ransomware and avoid becoming a victim:
- Install a full-service Internet security software suite that protects all the traffic on your home network.
- Keep that software and all your other applications updated. Malware uses known flaws in older versions of software to do its dirty work.
- Don’t download files from strangers or click on suspicious-looking links.
- Perform regular backups to protect your data. In the event that you do become compromised, you’ll have something to fall back on without paying the criminal.
What to do if you suspect your computer has ransomware?
- Do not pay the ransom. When you pay the fee, there’s no guarantee that the criminals will even decrypt your information. Nothing is stopping them from taking the money and walking away from the entire situation.
- Restore any impacted files from a known good backup. Restoration of your files from a backup is the fastest way to regain access to your data.
- If you do not have any backups of your computer, you can try Norton’s Power Eraser tool for free. To learn more about the tool, you can read the tutorial.
Copyright © 2019 Symantec Corporation. All rights reserved.