Ransomware was the biggest digital threat of 2016. The FBI estimates victims paid nearly $1 billion in ransoms last year alone.
The Locky ransomware campaign has been one of the scariest threats around; however, there’s a new ransomware attack spreading like wildfire that you need to be worried about.
What is the new ransomware king?
If you follow us here at Komando.com, you know ransomware is malicious software that encrypts data on your computer or gadget until a sum of money is paid. These attacks have become a favorite of scammers, partially because of the ease of anonymity. Not only is it a faceless attack, but the ransom is usually paid with bitcoin, which makes this a nearly untraceable crime.
Now, a new attack has taken over as the ransomware king. It’s called Cerber, and it accounted for 90% of Windows ransomware attacks during the first quarter of 2017. The formerly popular Locky is almost nonexistent at this point, accounting for only 2% of attacks.
One reason Cerber is so rampant is that it’s ransomware-as-a-service (RaaS). RaaS is a user-friendly type of ransomware that can be deployed by anyone, even if they have very little technical ability.
So how does it work?
- An experienced hacker writes the ransomware code and sells it to others on the Dark Web for deployment.
- The buyer sets the ransom and payment deadline, along with the distribution style.
- The code developer gets a cut of all ransom paid.
It’s super easy for anyone with aspirations of becoming a cybercriminal to do. In this case, Cerber is being distributed through phishing emails. The email contains a link that leads the victim to Dropbox. If the link is clicked, the Cerber payload downloads automatically and encrypts the files found on the victims’ gadgets.
How to handle a Cerber attack
Since Cerber is distributed through a phishing email, you need to know how to spot one. Take our phishing IQ test to see if you can spot a fake email.
Also, be very cautious with links found in unsolicited emails. It’s always better to type a website’s address directly into a browser instead of clicking on a questionable link. Before you ever click a link, hover over it with your mouse to see where it’s going to take you. If the destination isn’t what the link claims, don’t click it.
When dealing with a ransomware attack, some law enforcement agencies have recommended not paying. The theory is there’s no guarantee you’ll get your files back. Some of the criminals behind these attacks have claimed to return victims’ files once they pay but actually delete the victims’ files the moment the victims’ gadgets are infected.
Obviously, it’s best to not be infected with ransomware. To help prevent a ransomware attack, the FBI has these suggestions:
- Back up data regularly — This could be the best way to recover critical data if you’re infected.
- Make sure your backups are secure — Don’t connect your backups to the computers or networks they’re backing up.
- Never open risky links in emails — Don’t open attachments from unsolicited emails.
- Download only trusted software — Make sure the software you download comes from trusted sites.
- Have strong security software — This will help prevent the installation of ransomware on your gadget.
Bonus: In the event that accidentally fall for a ransomware scam, you need to have your data protected. We recommend using our sponsor, IDrive. You can back up all your PCs, Macs and mobile devices into ONE account for one low cost! Click here to receive a special discount of 50%.