Files Lost Forever Due To Buggy Ransomware



 

[Figure: Hidden Tear Ransomware Infection Flow]

Researchers discovered a sample of ransomware that damages files permanently. The malicious code is based on the work of Turkish security researcher Utku Sen, who last year made his 'Hidden Tear' ransomware code open source to educate IT people in general. It uses AES encryption and is currently undetectable by antivirus products. Utku Sen also published a short video demonstrating how the ransomware worked.

The problem is that cyber criminals took this code and created their own malicious strain.

The strain was being spread through a hacked site in Paraguay. Visitors were shown a popup telling them that they needed to update Adobe Flash. In reality, the file that was downloaded was ransomware, which encrypted all the files on the machine.

The problem is that during the encryption process, the key gets lost due to bugs in the malware. Even if victims pay the 500 dollar ransom, they are not able to get their files back, Trend Micro reported.

This does not seem to be a major ransomware strain, so there is not so much to worry about yet. The lesson learned is that the security industry should be very careful when releasing information that could be used by threat actors. Even if the intentions of security researchers or security vendors are to educate the public, they need to carefully assess the risks prior to the release of possibly harmful information.

In any case, stepping your users through effective security awareness training is a must these days. Find out how affordable this is and be pleasantly surprised.
