Beware! New ransomware disguised as a game

THE ASIAN AGE
Published : Jan 23, 2019, 4:40 pm IST
Updated : Jan 23, 2019, 4:40 pm IST

Anatova is targeting consumers at scale across the globe.


McAfee researchers today announced the discovery of a new ransomware family, “Anatova”, that is targeting consumers at scale across the globe. The ransomware was discovered in a private peer-to-peer (p2p) network and targets consumers by using the icon of a game or application to trick the user into downloading it.

Christiaan Beek, Lead Scientist & Principal Engineer at McAfee, said, “Creating a quick and fast piece of ransomware is fairly easy for those with basic know-how. Ransomware packed with functionality that is also difficult to analyze, such as Anatova, is more difficult to create from scratch. Anatova has the potential to become very dangerous with its modular architecture which means that new functionalities can easily be added. The malware is written by experienced authors that have embedded enough functionalities to be sure that typical methods to overcome ransomware will be ineffective, for instance data can’t be restored without payment and a generic decryption-tool cannot be created.”

 

Key findings:

Brand-new code shows the actors behind this ransomware family aren’t your average hackers, but experienced bad actors

The ransomware has shown the ability to morph quickly, adding new evasion tactics and spreading mechanisms

Includes functions which are not often seen in ransomware families. In the same vein, however, where there are observed similarities, the functions are the same as those used by the most destructive ransomware families such as GandCrab

Once downloaded, the malware quickly encrypts all or many files on an infected system and demands a ransom in cryptocurrency in order to unlock them: 10 DASH, currently valued at around $700 USD

 

McAfee’s researchers believe this new ransomware could become a serious threat since the code is prepared for modular extension, which means that new functionalities can easily be added. The malware is written by skilled authors that have embedded enough functionalities to be sure that typical methods to overcome ransomware will be ineffective; for instance, data can’t be restored without payment and a generic decryption tool cannot be created.
