A new ransomware like WannaCry has appeared. This is how you can protect yourself

Ransomware threats have recently turned into one of the most worrisome security threats for users. This type of threat is widely spread nowadays and we are completely sure about not wanting to get infected by it. As we know, hackers take over PCs, encrypting files so the victim has to pay a ransom to decrypt them. This is a serious issue if the infected PC has important personal or work-related information. Today we are talking about a GandCrab ransomware variant and how to be protected against it.

New GanCrab ransomware variant

As we know, WannaCry is an example of the most dangerous ransomware with the most victims. This ransomware variant affected around 300,000 organizations worldwide. The similarity between GandCrab and WannaCry lies in the fact that both of them use the SMB protocol to attack Windows users.

GandCrab attacks victims via compromised websites. According to researchers, this new type of malware is updated every day to attack victims in different countries. Hackers scan the internet to find vulnerable websites to carry out the attacks. The latest version features a long list of websites that were compromised.

Attackers use a pseudo-random algorithm to select a predefined word to complete the URL for each host. The final URL is generated in “www.{host}.com/data/tmp/sokakeme.jpg” format.

As we have mentioned, experts believe this newest ransomware version can spread itself via an SMB exploit. The same exploit was used on WannaCry and Petya ransomware attacks last year.

To propagate via SMB exploits, the entire code of the ransomware was rewritten. Security experts state that GandCrab is using EternalBlue National Security Agency (NSA) exploits to attack quickly.

How to be protected against the new GanCrab ransomware variant

We have to take pretty much the same measures we would take against any other ransomware or general malware. We have to mention that Microsoft has pulled up its guard with the MS17-010 security patch.  This why it is essential for our PC to be up to date in order to be protected against the exploit that lets GandCrab infect the PC.

Additionally, having security programs and tools is essential. This way we can face any possible threats that can put our device at risk. These programs must also be kept up to date.

Creating backups is a good option for a lot of possible issues, but it is the best option against ransomware. As we know, ransomware encrypt documents and files to ask for a ransom. It is important to create a backup for all those files so we have them in case of a hypothetical attack.

Leave a Reply

Your email address will not be published. Required fields are marked *