Ransomware has recently become one of the most important security threats for users . It is one of the types of malware most present today and, with all probability, one of the least we have to be infected. As we know, cybercriminals manage to hijack our equipment. They encrypt the files so that the victim pays an economic rescue to decipher them. A very serious problem if it happens on a computer where we have important or vital information to work on. Today we are talking about a variant of GandCraband how we can protect ourselves.
Table of Contents
New variant of GandCrab
WannaCry, as we know, has been one of the most dangerous and victimized examples of ransomware. It is estimated that this variety affected more than 300,000 organizations around the world. The similarity of the new version of GandCrab with Wannacry is that it also uses the SMB protocol to attack Windows users.
Attacks the victim through compromised websites . According to the researchers, this new ransomware is updated daily to attack victims from different countries. The attackers track Internte in search of vulnerable pages where they can carry out their attacks. The new version already has a long list of pages that have been compromised.
Attackers have used a pseudo-random algorithm to select a predefined word to complete the URL of each site. The final URL is generated in “www. {Name} .com / data / tmp / sokakeme.jpg “.
As we have mentioned, experts believe that this new variant of the GandCrab ransomware manages to spread through an SMB exploit. This was the same exploit that WannaCry and Petya used during the past year.
This they have achieved thanks to the fact that they have rewritten the entireransomware code . Security experts indicate that now this ransomware is using exploits from the US National Security Agency of EternalBlue to attack quickly.
How to protect ourselves from the new variant of GandCrab
The measures we have to take are not very different from any ransomware or malware in general. It should be mentioned that from Microsoft have been put to work and have released the security patch MS17-010 . That is why it is vital that our team is updated to the latest version. In this way we can avoid the vulnerability that allows us to penetrate the new variant of GandCrab.
It is also vital to have security tools and programs . This is how we can deal with possible threats that put at risk the proper functioning. This software, like the system, must be updated to the latest version.
Making backup copies is the most recommended for many possible problems, but even more so for the ransomware. As we know, your goal is to encrypt the documents and files and ask for a ransom. It is important to make a copy where we have all those files saved. In this way, in case of suffering a hypothetical attack, we will always have a backup of all those files.
