Alert! Karma Ransomware will get you if you Install Free Software

  • 100
    Shares
beware of the karma ransomware

A fake Windows optimization software has been let loose on the Internet. And it is going by the name “Windows-TuneUp”. And why are we telling you about this? Read on.

Windows-TuneUp is a free software that claims to speed up slow computers. But in reality, it is a fake program used by attackers to hide a ransomware called ‘Karma‘. Once installed, Karma scans the user’s computer and begins encrypting all possible file types stored on it. The files that get encrypted are renamed with the extension .karma and this is followed by the display of the ransom note.

How does Karma Ransomware get into your computer?
This incident is associated with a certain pay-per-install (money is generated for every install) software monetization company. If you download a free program that is monetized by this company, you will be greeted by an offer for a free program that claims to optimize your slow computer. This very program is Windows-TuneUp a.k.a the Karma ransomware.

Reportedly, once installed, the program displays a window showing fake performance stats and pretends to optimize the system. It even has a website that looks genuine. And while an unsuspecting user is trying the tool or checking out the website, the ransomware is silently encrypting the files. It is not until the ransom note is flashed does the realization dawn that something is wrong. It’s too late by then!

So, what now?
Every malware works according to certain commands received from a server which is controlled by the attacker. This server is called command and control (C&C) server. The good news, in this case, is the C&C server of Karma is not active anymore. This means, even if anyone downloads this ransomware, they won’t be affected.

However, the lesson to be learned here is…
Karma was not the first ransomware to have been spread in the guise of a free software and it won’t be the last. For all you know, attackers might be crafting other such ransomware as you read this post.

So, we need to be prepared, all the time.

• Avoid downloading free software from shady, unknown or less reputable websites.

• If you are taking the risk of downloading a free software, double check on its safety: Google for its reviews and check if its publisher is verified or not (very important!).

• You can also check if a website is safe on https://scanurl.net/ or https://www.scamadviser.com/

• Before downloading any software, check if it is asking you to install any additional software. Mostly, it is these software that are malicious or potentially harmful.

• Invest in an antivirus software that prevents harmful programs from getting installed on your computer.

If your friends or peers have a habit of installing free software, you may want to share this post with them.

 

Content reference source:
https://www.grahamcluley.com/bad-karma-ransomware-piggybacks-free-software-downloads/

Rajiv Singha

Rajiv Singha


29 Comments

Leave a Reply to Rajiv Singha Cancel reply

Your email address will not be published.

CAPTCHA Image

  1. Avatar Anirban DuttaNovember 17, 2016 at 9:12 AM

    Thank you. Quick Heal Antivirus Pro protect from it?

    Reply
  2. Hi I like this software.

    Reply
  3. Avatar rashmi dwivediNovember 19, 2016 at 12:08 PM

    nice anti- virus

    Reply
  4. Thankyou Quick heal for alerting me

    Reply
  5. Avatar Prakash Kumar sahooNovember 19, 2016 at 4:34 PM

    Quick heal is best

    Reply
  6. new product, not updating. please i need your help

    Reply
  7. Avatar Mahantesh koriNovember 19, 2016 at 10:45 PM

    Is it really True /Helpful

    Reply
  8. Avatar Dipak n shilvantNovember 19, 2016 at 10:48 PM

    Very good antivirus app i like

    Reply
  9. Avatar Amarjeet GopeNovember 19, 2016 at 10:48 PM

    Thank you for save my mobile phone with viruses

    Reply
  10. Avatar Amarjeet GopeNovember 19, 2016 at 10:51 PM

    Thanks for this app because it’s products save my phone with viruses

    Reply
  11. Quick Heal Antivirus Pro protect from it?
    I like this software.Thank you

    Reply
  12. Avatar Stephen S. PotterNovember 20, 2016 at 8:46 AM

    Thank you most graciously for the above information! I have bookmarked all of it for future use.

    Reply
  13. Avatar Rajesh kumar shyamsukhaNovember 20, 2016 at 9:17 AM

    Thanks for alerting

    Reply
  14. tAHNK YOU. vARY USEFUL INFORMATION.

    S. N. VAIDYA

    Reply
  15. Avatar parmar sanjayNovember 20, 2016 at 10:48 AM

    Hi I like this software.

    Reply
  16. Avatar BHOLA NATH PANDEYNovember 20, 2016 at 12:42 PM

    I am try to your product

    Reply
  17. Avatar Shelke_prsd@rediffmail.comNovember 20, 2016 at 2:36 PM

    Hi I like this software.

    Reply
  18. Avatar capt.aoj.pn@gmail.comNovember 20, 2016 at 4:53 PM

    Thanks

    Reply
  19. Avatar jainsubhash961@gmail.comNovember 20, 2016 at 6:57 PM

    namsakar
    verygood softwear

    Reply
  20. Why Don’t You Advice Install A Quick Heal Antivirus…………………??????????????

    Reply
  21. Avatar Prasanta ThakurNovember 21, 2016 at 2:39 AM

    Good

    Reply
  22. Avatar Sanjay RajakNovember 21, 2016 at 7:06 AM

    I am impressed very nice.

    Reply
  23. Avatar chandani KumariNovember 21, 2016 at 10:39 AM

    Thanks

    Reply
  24. Thanks

    Reply
  25. Hi,
    Can any one help to decript my documents and images which are affected by the ransomware and cerber 3 files (renamed)

    Reply
    • Rajiv Singha Rajiv SinghaDecember 1, 2016 at 5:10 PM

      Hi Gopal,
      Unfortunately, files once encrypted by a ransomware cannot be decrypted without the decryption key that the attacker sells for a ransom. However, our support team can help you retrieve the backup of your data if it was stored in a secure location before the ransomware infection.

      Please call us on our toll-free no. 1800-121-7377 or visit https://bit.ly/QHChat to chat with us online. You can also raise a ticket at https://bit.ly/Askus and we will get back to you at the earliest.

      Regards,

      Reply