Newly Discovered Ransomware Hides In Innocent-Looking Images

Researchers have found a new type of ransomware that can encrypt your files and it’ll cost you over $400 to get the secret codes to decrypt them. It hides components within innocent-looking image files and can make it past spam filters and end up in your email inbox.

This is being referred to so far as SyncCrypt. An email is sent that has an attachment that appears to be “court orders” of some type. If that file is opened, images pop up that seem harmless enough, but are executing ransomware components in the background.

It scans for 350 different file types and encrypts them. If you want them back, it’ll cost about $429.

Tips for avoiding a ransomware attack:

- This cannot be stressed enough: backup your systems. This is relatively simple and inexpensive to do. On a personal level, likely it is much less expensive than paying to have your files decrypted or to re-create everything. A one-terabyte external backup drive can be purchased for somewhere around $60. Backing up to the cloud can range from inexpensive to a couple hundred bucks. Both of these are still less than the cost to get the decryption key for most any ransomware.

- Don’t pay ransom. It just encourages more of these cybercriminals to use it.

- If you don’t know who sent the email or attachment or were not expecting it, don’t click on it. If you prefer, contact the sender using some method other than replying to the email or using any contact information within it to confirm the file is safe.

- If you haven’t done it already, install antimalware software on all devices. Keep it updated.

- Install all patches and updates as soon as they are released. This doesn’t apply just to your operating system (Windows, Linux, MacOS, etc.). It applies to every software program.

- If you install a new hardware element to your network, at home or at the office, update the firmware and software immediately after it is installed. Often, these products sit on store shelves for a while and patches come out between the time it’s manufactured and the time you install it.

SyncCrypt has been able to evade detection in 57 of 58 products tested. You cannot rely completely on any security products to keep you safe from ransomware. It’s important to keep an eye out for anything suspicious and be 100% sure it’s not going to wreak havoc before you click.

© Copyright 2017 Stickley on Security