New Ransomware Deletes Files As Payment Deadline Approaches
An article review.
‘Jigsaw’ doesn’t just hold your data hostage–it begins slowly destroying data even before the payment deadline
Our friend Wes Pollard of HomeBank tipped us off about a new piece of ransomware that adds a sinister twist to the old formula: it begins deleting your files even before the payment deadline approaches!
The virus, named Jigsaw after the puzzle-crazed antagonist of the long-running horror movie franchise Saw, is the first to take such a proactive approach to its threats but luckily it is relatively easy to defeat. After terminating the processes the malware spawns, one can use the msconfig utility included in Windows to stop it from launching at startup and then use an antivirus tool to remove it completely. Once Jigsaw has been eliminated, users can download the Jigsaw Decrypter Utility linked in a blog post on BleepingComputer to restore access to their files.
While this virus was relatively harmless in that users could easily defeat its protection mechanisms and reverse the encryption used, it is certainly not going to be the last time we see this method of attack used. As always, users and security professionals should remain vigilant to prevent infections such as Jigsaw from spreading.
Original article by Lucian Constantin of IDG News Service, published in Computerworld.