BreachExchange mailing list archives

No One Should Ever Pay to Remove a Bitcoin Ransomware Infection


From: Audrey McNeil <audrey () riskbasedsecurity com>
Date: Fri, 19 Feb 2016 14:37:17 -0700

http://www.newsbtc.com/2016/02/18/no-one-should-ever-pay-to-remove-a-bitcoin-ransomware-infection/

Bitcoin ransomware has been a topic of substantial discussion in the media
throughout 2015, and the year 2016 does not seem to be changing that
anytime soon. There have been numerous reports of this type of attack
against companies and individual users, even though there are a few easy
steps to prevent ransomware from infecting one’s device. Bitcoin is not to
blame for these attacks by any means, only the people who create this
software, although the ones who pay the ransom are partially to blame as
well.

Brief Introduction To Bitcoin Ransomware

For those readers unfamiliar with the concept of Bitcoin ransomware, we
should take the time to briefly explain what this phenomenon is all about.
Whenever a computer is affected by ransomware, nearly all necessary files
will be locked – or encrypted – with a particular password. The end user
has no idea what this password could be, nor can they regain access to
their files.

The – allegedly – only way to restore file access is by paying a sum of
money to the person responsible for infecting one’s device. In most cases,
this amount can only be paid in Bitcoin, which a lot of people see as an
anonymous digital currency, even though it is not. Hackers feel safe
accepting Bitcoin payments, as they think people will not be able to trace
the funds. Unfortunately for them, the blockchain keeps track of all
resources in real-time, and is publicly accessible, making the digital
currency anything but anonymous.

As one would come to expect, consumers and even IT professionals tend to
panic when they are infected with Bitcoin ransomware, as they see no other
option than paying the money. However, there are certain precautions people
can take to either ignore the infection altogether or obtain the
decryption key – or password – to regain access to their files without
paying anything.

Preventing Bitcoin Ransomware Attacks

It is no secret that ransomware attacks only occur due to a mistake by
the end user. Similarly to how most of the malicious software in the world
reaches critical mass, computer users need to stop clicking unknown links,
especially when they are sent via social media or email. Even if that
message comes from a family member or friend, never click any link included
in the message to avoid ransomware, malware, or any other type of software
infection.

Secondly, there is no need to install new software when prompted to do so.
If a user is opening a link to a video on a website, and a popup appears to
install additional software, click it away or leave the site immediately.
Nearly all of these popups and websites are created for malicious purposes,
such as spreading ransomware.

Granted, there is only so much that can be done regarding preventive
measures. Now and then, someone will click a link they shouldn’t have, or
open an email attachment containing Bitcoin ransomware. But when disaster
strikes, there is still no need to start panicking all of a sudden. There
are other precautions to take in the event of getting infected with this
ransomware, by restoring access to files without paying the Bitcoin amount.

Backups Are Critical For Individuals And Companies

Needless to say, computer security is of the utmost importance to any user,
regardless of whether it is a home computer or company machine. Regular
backups are needed in every type of situation, and Bitcoin ransomware is a
scenario in which a backup will be extremely useful.

Rather than paying the ransomware fee itself – which should always be a
last resort – one can just regain access to their files by reverting to a
backup before the Bitcoin ransomware infection took place. While this may
lead to some missing information, at least the computer becomes usable once
again. Reverting to an earlier backup saves a lot of time and money,
instead of paying the Bitcoin sum.

Which brings us to the final piece of information users need to keep in
mind at all times. Even if one were to pay the Bitcoin ransomware sum,
there is no guarantee the hacker will give the password or decryption key
to restore access to one’s files. There are plenty of preventive measures
to take, and users have no excuse to justify paying in Bitcoin when their
PC is infected with ransomware.
_______________________________________________
Dataloss Mailing List (dataloss () datalossdb org)
Archived at http://seclists.org/dataloss/
Unsubscribe at http://lists.osvdb.org/mailman/listinfo/dataloss
For inquiries regarding use or licensing of data, e-mail
        sales () riskbasedsecurity com 