Security: Ransomware disguised as Windows update

Security: Ransomware disguised as Windows update

Another day, another dullard cybercriminal with megalomaniacal delusions of taking over the world with the latest in ransomware weaponry. 

This time the ransomware in question is called Fantom, and it’s disguised as an important Windows update.

If it manages to infect your machine, it encrypts your files and will only release them for a ransom of … one million dollars, or maybe less.

It would seem that Fantom could be classed as an advanced persistent threat since it’s virtually impossible to spot as it looks like your normal Windows operating system.

But while mimicking your Windows user interface it goes about locking up all your files so you cannot get to them without paying it off.

The man who saw the invisible 

Discovered by Jakub Kroustek, a security researcher at AVG, Fantom may be one of the most sophisticated ransomware attacks out there at the moment, but it is not the only one.

There are many others, including FairWare and Wildfire, to name but two. There’s also one which is apparently attacking British hospitals, but stingy NHS bosses are refusing to pay up, instructing already-overburdened health workers to forget their computers and use pen and paper instead.

For companies providing cyber security services, the growing threat of ransomware is a nightmare. But for small businesses, it could be a disaster, even bringing about the end of their operations.

Mike Pencavel, channel account manager at WatchGuard Technologies, says ransomware is by far the hottest topic for small business.

Pencavel says: “It is clear that small to medium sized businesses are firmly in the sights of the cyber criminals who know that they present a softer target for their advanced techniques, honed in attacks on large corporates and nation states.

“The criminals also know that if they price it right, most SMEs will simply pay up rather than face the disruption along financial losses and embarrassment. The typical demand for an SME is around £350, which may seem a relatively small price to pay.”

‘We’ve only just begun’ sounds terrible

Probably the worst part of this ransomware phenomenon is that we have only just begun — sounds terrible, but it’s very likely to be true.

A study by Trend Micro calculates that ransomware has cost businesses $209 million in the first half of 2016, with some 80 million ransomware threats being detected.

At the end of 2015, Trend Micro had predicted that 2016 would be the “year of online extortion”, and certainly so far there has been a surge of ransomware reports this year.

“The rapid rise of ransomware cases could be a clear indication of ransomware’s effectiveness in granting cybercriminals the satisfaction of easy monetary reward,” says Trend Micro in its report.

The company adds ominously: “With the rising number of ransomware cases and more enterprises continuously losing money and opting to pay ransom, we believe that the ‘reign of ransomware’ will stay prevalent.”