Trick or treat? Beware so a ransomware won’t end up between your Halloween sweets

Ghosts, monsters and the living dead can all send a chill down one's spine. Ransomware, for some people, is just as spooky. This Halloween, we look at why.

Ghosts, monsters and the living dead can all send a chill down one’s spine. Ransomware, for some people, is just as spooky. This Halloween, we look at why.

There are many spooky things in this world of ours and Halloween helps to bring them all under the spotlight. Does your biggest fear involve spiders, zombies, ghosts, and horror movies or is it rather something from cyberspace? Many online users would probably opt for the latter – especially if they have had an experience with ransomware.

Why so? Well, it’s down to the particular methods that this type of malware uses when attacking its victims. Honestly, who wouldn’t get spooked by a computer screen suddenly flashing a notice from your local police that your computer contains illegal data, subjecting you to hundreds of dollars in fine? Ok, this could be a bit too obvious …

Consider another ghastly technique used by cybercriminals, horrible enough to make their victims squirm whether it’s Halloween, European Cyber Security Month or Mother Theresa Day. It involves placing a giant countdown timer smack in the middle of your screen. And if you don’t comply within the given timeframe, you risk losing access to all your valuable data, which is now encrypted by the malware.

And flaming fears is exactly what cybercriminals want. They don’t need a creepy mask or dramatic music to scare the hell out of their victims. They simply force them to act under pressure, inviting mistakes along the way. Their one aim is to extort money − and in the worst case scenario, not even bother returning/decrypting the captured information.

Boogeymen for your mobile devices

And you want to know what is really annoying about ransomware? The bad guys are moving over from PCs and laptops to mobile devices, making their malware creations even more sophisticated along the way. So, the bad news is that you need to be a bit more careful on your mobile. Here is why:

Android/Lockerpin.A, discovered by ESET only a few weeks ago, It is a first mobile lock-screen-type ransomware that sets the phone’s PIN lock. After this, the victims are forced to pay $500 for the alleged viewing and harboring of forbidden pornographic material. Spooky, isn’t it?

In 2014 there was another nasty piece of malware at work. Dubbed Simplocker, it scanned the SD card of an infected Android smartphone, looking for specific extensions, and then encrypted the files until a ransom was paid for their decryption.

But as we mentioned earlier, aggressive ransomware isn’t just targeting mobile platforms. At the beginning of 2015, CTB-Locker (detected by ESET Telemetry as Win32/Filecoder.DA) was spotted making its rounds on desktops and laptops.

It spread through fake emails purporting to contain an important fax message (Yes, fax oddly enough). The actual attachment was a downloader (detected by ESET as Win32/TrojanDownloader.Elenoocka.A) intended to download a variant of Filecoder. And, true to form, the unease and fear was heightened with a countdown timer showing the time left to pay the ransom.

Again, the CTB-Locker’s ultimate goal was to encrypt files on the victim’s device and extort them for bitcoins – as a means of staying anonymous. It even contained instructions for obtaining this cryptocurrency, in case the user had none in their stash. To enhance its reach, the extortion message was translated into four languages – German, Dutch, Italian, and English – also adjusting the currency to the specific region.

So what’s the trick for staying safe?

Of course this article does not have the ambition to offer an exhaustive list of all the ransomware out there (or malware in general). There are others that would “deserve” to be mentioned – from recent Cryptolocker, Torrentlocker or CryptoFortress, all the way back to the first ransomware PC Cyborg – but the more pressing question is: how to shield yourself from these threats?

There are actually lists of advice put together by ESET researchers over the years, offering guidance not only for the cases of ransomware infections, but for many other types of malware. To save you time, what it basically boils down to is prevention. Keeping your systems backed-up, updated and using a reliable security solution are the very first steps, which help you to keep online boogeymen away from your doorstep and chase away your worst cyber nightmares.

Sign up to receive an email update whenever a new article is published in our Ukraine Crisis – Digital Security Resource Center