3 ransomware developments you need to know about


All ransomware is basically the same, right? Wrong. The means by which the malicious files wind up infecting computers and the fallout can vary wildly – and if you’re not up on the latest trends, you could be the next to fall victim. 

Here are three recent developments in malware that prove not only is this attack vector here to stay, it’s also getting more and more dangerous.

1. Malware on social media

Email and infected websites have been popular means to install malware on users' systems. But using social media in place of these methods can be even more effective.

According to security company Check Point, flaws in social media sites like Facebook and LinkedIn allowed users to send images infected with Locky malware to unsuspecting users. If users downloaded and opened these files, the malware would lock all the files on their devices and prevent them from being opened until a ransom was paid.

Below is a video of the tactic being used in action.

Chances are that an email containing these infected files would’ve been picked up by either the spam folder or virus scanners. However, by doing an end-around and using social media, users were able to download the infected files.

Check Point recommends that if you're sent a file you didn't request, you avoid opening it. Also, make sure not to download any files that have unusual extensions.
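The extension advice above can also be applied automatically to files received through messaging or social media. The Python sketch below is an added example, not code from Check Point or the original article; the function name `triage_download`, the extension list and the sample files are assumptions constructed for illustration.

```python
from pathlib import PurePath

# Assumed policy lists (not from the article): tune for your environment.
RISKY_EXTS = {".exe", ".scr", ".js", ".jse", ".vbs", ".wsf", ".hta", ".svg"}
IMAGE_MAGIC = {
    ".jpg": (b"\xff\xd8\xff",),
    ".jpeg": (b"\xff\xd8\xff",),
    ".png": (b"\x89PNG\r\n\x1a\n",),
    ".gif": (b"GIF87a", b"GIF89a"),
}

def triage_download(filename: str, head: bytes) -> list[str]:
    """Return reasons to hold a received file for review (empty list = no finding)."""
    reasons = []
    suffixes = [s.lower() for s in PurePath(filename).suffixes]
    if not suffixes:
        return ["no extension: type cannot be judged from the name"]
    final = suffixes[-1]
    if final in RISKY_EXTS:
        reasons.append(f"script/executable-capable extension {final}")
    # "photo.jpg.hta": an image-looking name with a different real extension.
    if len(suffixes) > 1 and suffixes[-2] in IMAGE_MAGIC and final not in IMAGE_MAGIC:
        reasons.append(f"double extension {suffixes[-2]}{final}")
    # Named as an image, but the leading bytes are not that image format.
    magics = IMAGE_MAGIC.get(final)
    if magics and not any(head.startswith(m) for m in magics):
        reasons.append(f"content does not match {final} signature")
    return reasons

# Constructed samples: (filename, first bytes of the file).
SAMPLES = [
    ("holiday.png", b"\x89PNG\r\n\x1a\n\x00\x00\x00\rIHDR"),
    ("photo_1234.svg", b"<svg xmlns="),
    ("invoice.jpg.hta", b"<html><script>"),
    ("team.jpg", b"MZ\x90\x00\x03"),
]

if __name__ == "__main__":
    for name, head in SAMPLES:
        print(name, "->", triage_download(name, head) or "ok")
```

A file with no findings is not thereby safe; the check only catches names and headers that do not fit what the file claims to be.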

2. Growth of Ransomware-as-a-Service

You don’t need to be a criminal mastermind to launch a ransomware attack any longer. Other hackers are putting together how-to kits that walk you through the process from beginning to end and can even set you up with a payment plan in which the provider splits the profits from successful attacks 80-20.

According to a recent Trend Micro report, some of these services are being sold for as little as $40 on the black market. In some cases you don’t even need to venture into the dark web in order to acquire Ransomware-as-a-Service. The .zip file containing everything you need to get started is available on a public-facing WordPress site.

With these models, users may be hit by less sophisticated attacks, which in some ways can be even more dangerous. If ransomers aren't doing massive-scale attacks, they may go the extra mile to make their attempts as convincing as possible.

3. Phone support adds ransomware component

Phone support scams have long worked to fool unwitting users into giving up personal information or money in exchange for freeing their computers of viruses that never existed in the first place.

Users receive a call telling them there’s an urgent security threat and they must follow the caller’s instructions and fork over some cash to have the malware removed.

But now scammers are going a step further and actually infecting users with malware that will require further payment to retrieve their files.