Nowadays, everybody is aware of the term 'Novel Coronavirus.' All over the world, 7.7 billion people have been affected by Coronavirus directly or indirectly. Its impact has been so severe that all of mankind is currently frightened and worried about its future survival. As per sources, it originated in China and spread across the world so fast that it affected the daily routine of citizens in every country. But is the cybersecurity sphere also seeing this pathological threat misused by hackers to launch ransomware?
Cybercriminals have taken every possible advantage of Coronavirus to steal valuable personal and financial information. There are cases in which spam emails used the coronavirus as a motivator to get recipients to open messages designed to hack their systems. These malicious programs encrypted users' sensitive information on their systems and demanded large sums of money as ransom to decrypt the locked data. Such campaigns are still on the rise.
We recently covered this phenomenon in one of our blogs. Now, find out the technicalities of one such ransomware execution that uses the Novel Coronavirus as a platform.
Execution of ransomware
Coronavirus ransomware is seen spreading through a fake website: if the malicious file is downloaded from the fake website, it executes the Coronavirus ransomware. Upon execution, the ransomware encrypts the user's files, as well as the file names, stored on the infected system. It also renames the drive to Coronavirus, as shown in the screenshot below:
After this activity, a ransom note is displayed for 15 minutes on system reboot.
The ransomware drops the ransom note below in each folder where files are encrypted:
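The note-in-every-folder behaviour described above can be checked for during triage of a suspect volume. The following Python is an added example, not Quick Heal's detection logic or code from the original post; the function name, the size cap and the thresholds are assumptions chosen for illustration, and no real note file name is assumed.

```python
import hashlib
import os
import sys
from collections import Counter

MAX_NOTE_BYTES = 64 * 1024  # assumption: ransom notes are small files


def find_replicated_notes(root, min_dirs=3, min_ratio=0.8):
    """Return [(filename, sha256, folder_count)] for files that appear with
    the same name and identical content in most populated folders under root."""
    seen = Counter()   # (name, digest) -> number of folders containing it
    populated = 0      # folders holding at least one regular file
    for dirpath, _dirs, files in os.walk(root):
        keys = set()
        has_file = False
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                if os.path.islink(path) or not os.path.isfile(path):
                    continue
                has_file = True
                if os.path.getsize(path) > MAX_NOTE_BYTES:
                    continue  # too large to be a dropped note
                with open(path, "rb") as fh:
                    digest = hashlib.sha256(fh.read()).hexdigest()
            except OSError:
                continue  # unreadable or vanished file: skip, keep scanning
            keys.add((name.lower(), digest))
        if has_file:
            populated += 1
            seen.update(keys)  # each (name, digest) counted once per folder
    hits = [
        (name, digest, count)
        for (name, digest), count in seen.items()
        if count >= min_dirs and count / populated >= min_ratio
    ]
    return sorted(hits, key=lambda h: -h[2])


if __name__ == "__main__":
    for name, digest, count in find_replicated_notes(sys.argv[1]):
        print(f"{count} folders: {name} sha256={digest}")
```

A hit is only a lead: legitimate files such as `desktop.ini` or per-folder license files can also repeat, so confirm against the file's content before acting on it.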
How Quick Heal helps:
Quick Heal offers multilayered protection against this attack.
Ransomware has become a perpetual threat for individual users and businesses too. Once it encrypts any files, it is impossible to decrypt the data unless a ransom is paid to the perpetrator. Given the extent of the damage any ransomware can do to your data, you must follow the recommended security measures mentioned below.