Ransomware Outbreak Malware / Worm

On Friday, a major Ransomware worm began to spread across businesses worldwide. However to ensure that all end user systems are protected, it is of paramount importance to actively update & patch your systems (Servers & Clients) to the latest updates. These updates help keep our network and data safe from attacks, and staying current is a critical part of that protection.

What is Ransomware?
Ransomware is a type of computer malware that encrypts files and disks. It spreads through malicious links and emails.

What does it do?

Ransomware stops you from using your pc, it holds your pc or files for “ransom”. It is like crime of kidnapping. Someone takes something you value and in order to get it back you have to pay up. But there is no guarantee that paying the money or doing what the ransomware tells you will give access to your pc or files again.

How does it get into your computer?
The easiest to get into someone's computer is through attachments of spam emails or by entering into any unknown link. The extension of these files are different than the conventional files. Usually users turn off the file extensions, so they can not know what kind of file they are clicking on. The virus file pretends like a doc file or any other text file. But if you turn on the file extension of your computer you will see that the file extensions are different. As you click on the file all your data start encrypting and eventually asking you for ransom.

In case if you are interested these are the possible real extensions of ransomware files......( .ecc, .ezz, .exx, .zzz, .xyz, .aaa, .abc, .ccc, .vvv, .xxx, .ttt, .micro, .crypto, _crypt, .crinf, .r5a, .XRNT, .XTBL, .crypt, .R16M01D05, .pzdc, .good, .LOL!, .OMG!, .RDM, .RRK, .encryptedRSA, .crjoker, .EnCiPhErEd, .LeChiffre, .keybtc@inbox_com, .0x0, .bleep, .1999, .vault, .HA3, .toxcrypt, .magic, .SUPERCRYPT, .CTBL, .CTB2, .locky or 6-7 length extension consisting of random characters.)

The recent ransomware which is causing mass loss is known as #WannaCry. This asks for opening a javascript file in your email in the format (.js). So it is now recommended not to open any unknown attachments sent through emails.

Safety measures :
1. Keep your Operating System up to date.

2. Keep your Anti-Virus up to date.

3. Create backup for the most important files.

4. Do not open any email attachments from unknown senders.

5. Be careful while opening and downloading from any unknowing third party websites.

How to recover a ransomware infected computer?
For now there is no way to open the encrypted files. If you have any questions about this worm or any other Cybersecurity topic, you can send them to Bohra Developers and someone from our team will get back to you.

Let us do your homework and get your systems secured as soon as possible. We request your inputs in this regards to bohradevelopers52@gmail.com