Alert! Karma Ransomware will get you if you Install Free Software
A fake Windows optimization software has been let loose on the Internet. And it is going by the name “Windows-TuneUp”. And why are we telling you about this? Read on.
Windows-TuneUp is a free software that claims to speed up slow computers. But in reality, it is a fake program used by attackers to hide a ransomware called ‘Karma‘. Once installed, Karma scans the user’s computer and begins encrypting all possible file types stored on it. The files that get encrypted are renamed with the extension .karma and this is followed by the display of the ransom note.
How does Karma Ransomware get into your computer?
This incident is associated with a certain pay-per-install (money is generated for every install) software monetization company. If you download a free program that is monetized by this company, you will be greeted by an offer for a free program that claims to optimize your slow computer. This very program is Windows-TuneUp a.k.a the Karma ransomware.
Reportedly, once installed, the program displays a window showing fake performance stats and pretends to optimize the system. It even has a website that looks genuine. And while an unsuspecting user is trying the tool or checking out the website, the ransomware is silently encrypting the files. It is not until the ransom note is flashed does the realization dawn that something is wrong. It’s too late by then!
So, what now?
Every malware works according to certain commands received from a server which is controlled by the attacker. This server is called command and control (C&C) server. The good news, in this case, is the C&C server of Karma is not active anymore. This means, even if anyone downloads this ransomware, they won’t be affected.
However, the lesson to be learned here is…
Karma was not the first ransomware to have been spread in the guise of a free software and it won’t be the last. For all you know, attackers might be crafting other such ransomware as you read this post.
So, we need to be prepared, all the time.
• Avoid downloading free software from shady, unknown or less reputable websites.
• If you are taking the risk of downloading a free software, double check on its safety: Google for its reviews and check if its publisher is verified or not (very important!).
• You can also check if a website is safe on https://scanurl.net/ or https://www.scamadviser.com/
• Before downloading any software, check if it is asking you to install any additional software. Mostly, it is these software that are malicious or potentially harmful.
• Invest in an antivirus software that prevents harmful programs from getting installed on your computer.
If your friends or peers have a habit of installing free software, you may want to share this post with them.
Content reference source:
https://www.grahamcluley.com/bad-karma-ransomware-piggybacks-free-software-downloads/
29 Comments
Thank you. Quick Heal Antivirus Pro protect from it?
Thank You! For the concern …..
Hi I like this software.
nice anti- virus
Thankyou Quick heal for alerting me
Quick heal is best
new product, not updating. please i need your help
Hi,
Thank you for writing in. Our support engineers would gladly help you with this issue. Please call us on our toll-free no. 1800-121-7377 or visit https://bit.ly/QHChat to chat with us online. You can also raise a ticket at https://bit.ly/Askus and we will get back to you at the earliest.
Regards,
Is it really True /Helpful
Very good antivirus app i like
Thank you for save my mobile phone with viruses
Thanks for this app because it’s products save my phone with viruses
Quick Heal Antivirus Pro protect from it?
I like this software.Thank you
Thank you most graciously for the above information! I have bookmarked all of it for future use.
Thanks for alerting
tAHNK YOU. vARY USEFUL INFORMATION.
S. N. VAIDYA
Hi I like this software.
I am try to your product
Hi Bhola,
You can download our Free Trial, valid for 30-days. Please visit https://www.quickheal.co.in/download-free-antivirus
Regards,
Hi I like this software.
Thanks
namsakar
verygood softwear
Why Don’t You Advice Install A Quick Heal Antivirus…………………??????????????
Good
I am impressed very nice.
Thanks
Thanks
Hi,
Can any one help to decript my documents and images which are affected by the ransomware and cerber 3 files (renamed)
Hi Gopal,
Unfortunately, files once encrypted by a ransomware cannot be decrypted without the decryption key that the attacker sells for a ransom. However, our support team can help you retrieve the backup of your data if it was stored in a secure location before the ransomware infection.
Please call us on our toll-free no. 1800-121-7377 or visit https://bit.ly/QHChat to chat with us online. You can also raise a ticket at https://bit.ly/Askus and we will get back to you at the earliest.
Regards,