New Ransomware Deletes Files As Payment Deadline Approaches
An article review.
‘Jigsaw’ doesn’t just hold your data hostage–it begins slowly destroying data even before the payment deadline
Our friend Wes Pollard of HomeBank tipped us off about a new piece of ransomware that adds a sinister twist to the old formula: it begins deleting your files even before the payment deadline approaches!
The virus, named Jigsaw after the puzzle-crazed antagonist of the long-running horror movie franchise Saw, is the first to take such a proactive approach to its threats but luckily it is relatively easy to defeat. After terminating the processes the malware spawns, one can use the msconfig utility included in Windows to stop it from launching at startup and then use an antivirus tool to remove it completely. Once Jigsaw has been eliminated, users can download the Jigsaw Decrypter Utility linked in a blog post on BleepingComputer to restore access to their files.
While this virus was relatively harmless in that users could easily defeat its protection mechanisms and reverse the encryption used, it is certainly not going to be the last time we see this method of attack used. As always, users and security professionals should remain vigilant to prevent infections such as Jigsaw from spreading.
Original article by Lucian Constantin of IDG News Service, published in Computerworld.
One Response to “New Ransomware Deletes Files As Payment Deadline Approaches”
Leave a comment
Show this article to your CFO the next time he or she asks for a budget. Another one Read more
Another awareness poster for YOUR customers (and users). Now that we have our own em Read more
Several New Targets For Ransomware Have Been Identified… An article review. Over the Read more
Incident response testing is the stone that kills many birds… Another one of those Da Read more