For the past week, a new ransomware strain has been wreaking havoc across Germany. Named GermanWiper, this ransomware doesn't encrypt files but instead it rewrites their content with zeroes, permanently destroying users' data.
As a result, any users who get infected by this ransomware should be aware that paying the ransom demand will not help them recover their files. Unless users had created offline backups of their data, their files are most likely gone for good.
For now, the only good news is that this ransomware appears to be limited to spreading in German-speaking countries only, and with a focus on Germany primarily. First signs of GermanWiper were reported earlier this week when victims started asking for help on the Bleeping Computer forums, a popular place where internet users congregate to get advice in dealing with ransomware infections. The first report came on Tuesday, July 30, and they kept piling on through the following days. The GermanWiper ransomware is currently being distributed via malicious email spam (malspam)
Curiously, this is not the first ransomware with wiper tendencies that targets German-speaking users. In November 2017, Germany was targeted by a similar ransomware strain named Ordinypt (or HSDFSDCrypt). Coincidentally, Ordinypt also used malspam for distribution and CVs of beautiful women to get victims to infect their machines. In addition, the Ordinypt ransom note is also nearly identical with the one used by GermanWiper.
The full story is at ZDNET: https://www.zdnet.com/article/germanwiper-ransomware-hits-germany-hard-destroys-files-asks-for-ransom/
Get Your Ransomware Hostage Rescue Manual
This 20-page manual is packed with actionable info that you need to prevent infections, and what to do when you are hit with malware like this. You also get a Ransomware Attack Response Checklist and Prevention Checklist. You will learn more about:
- What is Ransomware?
- Am I Infected?
- I’m Infected, Now What?
- Protecting Yourself in the Future
- Resources
Don’t be taken hostage by ransomware. Download your rescue manual now!
PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:
https://info.knowbe4.com/ransomware-hostage-rescue-manual-0
