New ransomware encrypts your whole hard drive, if you let it
If malware that holds the files on your computer to ransom isn’t bad enough, news that there’s a new variant in the wild that locks down the whole of your computer by taking over the boot process just made the situation a whole lot worse.
Called ‘Petya’, the new threat bypasses looking for the most important files to encrypt, and just goes ahead and locks up the entire drive instead, according to G Data Software.
Interested in tech, huh?
Don’t miss our biggest TNW Conference yet! Join us May 26 & 27 in Amsterdam.
To achieve its goal, the attacker sends out innocuous looking email that purports to be from a job applicant, with instructions to download a CV hosted in a Dropboxfolder. Naturally, the CV is the ransomware and it immediately trashes your boot record, forcing your computer to crash.
When it reboots, a message will appear saying that it needs to fix errors and that it may take several hours. During this time, the entire hard disk is encrypted.
Once complete, on next boot, the user is presented with the sad truth: pay a ransom via Tor or lose access to everything on your hard drive- and that ransom doubles after seven days.
G Data recommends not paying the requested ransom and instead ensuring that all your data is backed up. That way, you can just copy that image back across, should the worst happen.
While this is by no means the first ransomware online, it’s part of a worrying trend that seems to line up businesses as more lucrative victims than individuals – one hospital this year has already paid $17,000 in bitcoins after it was locked out of its network.
As with many of these attacks, Petya relies on computer users clicking links sent in emails before really considering what they are, or the potential implications.
One sure-fire way to cut down on these is just to simply refuse to open random files from people you don’t know.