New ‘Spider’ Ransomware threat
Attackers offer ‘tutorial’ to make sure victims pay up
A new form of ransomware has reportedly emerged which threatens to delete the files of its victims if they don’t pay up within 96 hours.
The attackers also offer a tutorial video to ensure their victims are clear about what they need to do.
Like many ransomware schemes, the attack begins with malicious emails sent to potential victims. The malicious Microsoft Office attachment contains unintelligable macro code which - if macros are enabled - allows a the ransomware to be downloaded. A note tells the victim they've been infected with the Spider Virus and that they need to make a bitcoin payment in order to buy the ‘right’ key and get their files back.
The attackers issue a threat that if the payment isn't received within 96 hours their files will be deleted permanently and that not to "try anything stupid" as the ransomware has "security measures" which delete the files if the victim tries to retrieve them without paying the ransom.
The victim is provided with instructions on how to download the Tor Browser required to access the payments site, how to generate a decryption tool and how to purchase bitcoins.
It is obviously always important to always take care when opening emails and links – never open any attachment of which you are unsure. Make sure you have the latest anti-virus software and do regular back-ups, separate from your computer, so you can always retrieve your data if you are targeted. If you do fall victim to an attack, remember these three things:
1/ Turn off your infected computer and disconnect it from the network it is on. This is important because an infected computer can potentially take down other computers sharing the same network.
2/ Inform the police. Ransomware is a serious crime and should be reported.
3/ Don’t pay. Paying the attackers will encourage them to do it to others. There’s no guarantee that they will unlock your data if you do pay, and they could target you again.
- No More Ransom https://www.nomoreransom.org/ is a website which brings together information about what ransomware is, how to avoid falling victim and what to do if a person or company is caught out.