Shark, a new type of Ransomware, is available for free and is being distributed on the cyber-ground, according to the latest research.
What is Shark Ransomware?
Shark is a ‘Ransomware as a Service’ (RaaS), which allows budding cyber-criminals to create their own customized Ransomware with little or no technical knowledge. In addition, the Ransomware claims to be using a fast encryption algorithm, supports multiple languages, and is “undetectable” by antivirus software. Shark Website is hosted on publicly-accessible server, which is very uncommon because cyber-criminals make use of Tor network, which allows them to remain anonymous.
Working of Shark Ransomware
Wannabe attackers can download a .zip file containing the Ransomware configuration builder and a text file, which has a Warning note. It informs that they should use a virtual machine when making use of the .zip file. As soon as the configuration is entered, a base 64 version of the configuration is generated. After configuration settings, cyber-criminals need to distribute the Ransomware.
Once it is executed, it creates an entry in Microsoft Registry. Then, it encrypts the configured file extensions such as .pdf, .doc, .xls, .ppt etc. and append the .locked extension to encrypted files. Once the encryption is successful, a Ransom note is presented to the user on how they can pay the ransom, and allows victims to view these instructions in 30 different languages. The victim needs to enter an e-mail address and then pay the ransom to a specific Bitcoin address.
- Update your antivirus software (like eScan) on regular basis, which will protect your system from all kinds of Malware attacks.
- Always download apps from their official website or Google Play Store instead of unknown sources because many apps store are still offering the app.
- Download applications of a reliable app developer. In addition, check the user ratings and reviews of the app before download.
- Ensure that all the software installed in your systems are updated frequently, including Oracle Java and Adobe.
- Implement a three dimensional security policy in your organization, i.e. firstly understand your requirement based on which IT Security policy would be prepared accordingly. Secondly, educate your staff about the policy and finally enforce the policy.
- Make sure you either implement MailScan at gateway level or enable Mail Anti-virus on endpoint in order to block extensions such as *.EXE, *.SCR, *.JS, *.VBE etc. These attachments can infect your system.
- Open e-mails only if you are positive about the source.
- Regularly create backup of your important files.