Tuesday, May 30, 2017

Goldeneye Trojan: Ransomware paralyzes entire company

Ransomware is now one of the main threats on the Internet.


The Goldeneye Trojan is a serious threat. Since the beginning of last week, e-mails carrying purported job applications have been circulating, specifically targeting personnel departments. The ransomware (blackmail Trojan) then encrypts the victim's computer and demands a ransom for decrypting the data. As the police in Aalen (Baden-Wuerttemberg) reported on Wednesday, such e-mails sometimes arrive in the name of the employment agency.


As the police warning shows, one company was already hit hard in the middle of last week. The company is located in Crailsheim and fell victim to the dangerous ransomware. After the attack, apparently so many computers were affected that the "operation had to be stopped, 22 employees were sent home in the absence of work, the resulting damage should be in the 5-digit range", the Aalen police reported on Facebook.



The current state of the company's operations is unknown. What is certain is that, at present, only paying the ransom could help against the ransomware. Experts, however, generally advise against this. There is no guarantee of decryption, nor of protection against further extortion attempts. A decryption tool is not yet available.


As we reported last Tuesday, the Goldeneye Trojan, like other ransomware strains, uses so-called macros, which are found mainly in Microsoft Office documents. These are small programs that can perform genuinely useful functions within documents. However, through security gaps, commands can also reach outside the document and cause system-wide damage.


In our original report, you will find a guide on how to block macros. Unfortunately, not all current virus scanners help against ransomware. Furthermore, there is unfortunately no decryption option for those affected. Therefore, you should create backups regularly and open e-mail attachments only under elevated security mechanisms, for example in a sandbox.
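To complement macro blocking, incoming attachments can be triaged by content before anyone opens them. The following is an added example, not part of the original report: the function names and result labels are assumptions, and the sample files are constructed in memory.

```python
import io
import zipfile

# Header of legacy binary Office files (.doc/.xls/.ppt, OLE2 container).
OLE_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")


def classify_attachment(data: bytes) -> str:
    """Classify raw attachment bytes by content, ignoring the file name."""
    if data.startswith(OLE_MAGIC):
        # Legacy files may embed VBA; deciding that needs a full OLE parser,
        # so the safe default is to route them to a sandbox.
        return "legacy-ole"
    buf = io.BytesIO(data)
    if not zipfile.is_zipfile(buf):
        return "not-office"
    try:
        with zipfile.ZipFile(buf) as zf:
            members = zf.namelist()
            types = ""
            if "[Content_Types].xml" in members:
                types = zf.read("[Content_Types].xml").decode("utf-8", "replace")
    except zipfile.BadZipFile:
        # Damaged archive: cannot be inspected, so treat it as suspicious.
        return "unreadable"
    has_vba = any(m.lower().endswith("vbaproject.bin") for m in members)
    if has_vba or "macroenabled" in types.lower():
        return "macro"
    return "ooxml-no-macro" if types else "not-office"


def build_sample(with_macro: bool) -> bytes:
    """Constructed test input: a minimal OOXML-shaped zip, not a real document."""
    out = io.BytesIO()
    with zipfile.ZipFile(out, "w") as zf:
        zf.writestr("[Content_Types].xml", "<Types/>")
        zf.writestr("word/document.xml", "<w:document/>")
        if with_macro:
            zf.writestr("word/vbaProject.bin", b"constructed placeholder")
    return out.getvalue()


if __name__ == "__main__":
    for label, blob in [("macro sample", build_sample(True)),
                        ("clean sample", build_sample(False)),
                        ("legacy sample", OLE_MAGIC + b"\x00" * 16)]:
        print(label, "->", classify_attachment(blob))
```

Anything classified as `macro`, `legacy-ole` or `unreadable` would be held back or opened only in a sandbox, in line with the advice above.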
