Back to BlogNext : New high-density storage media uses unusual materials

New version of ransomware shows the problem’s getting worse

It may have already been the reason that thousands upon thousands of people around the globe have lost access to their data, but ransomware shows no signs of abating. In fact, it’s becoming more effective.

Having begun to infect the storage media of unsuspecting users in January of this year, GandCrab ransomware quickly gained notoriety following it becoming ne’er-do-well’s virus of choice. Those who were inclined to do so could simply purchase the malware via the dark web and then proceed to infect unsuspecting targets with just a few clicks. This, of course, effectively opened up cybercrime to nefarious individuals who otherwise lacked the technical knowledge required to hold others’ data to ransom. As if this wasn’t bad enough, this version improves upon its predecessors in a number of other ways – each designed to make it a more effective means of blackmailing those unfortunate enough to download it to their device.

By switching the encryption mechanism, this latest version of the virus encrypts data more rapidly than previous versions. If that wasn’t enough, whilst previous versions needed the infected device to be connected to the internet to compete the encryption process, this one does not. In other words, it's going to make your data unreadable whether or not your device remains networked and it’s going to do it very, very quickly.

Legacy systems like Windows XP and 2003 were previously ‘immune’ to this particular virus but not anymore: the latest version of GandCrab utilises an SMB exploit spreader in order to infect devices running these operating systems and security experts feel this exploit could mean that further legacy systems are at risk too.

One thing remains, though: victims are asked to pay a $500 cryptocurrency ransom in exchange for their data with this demand doubling to $1,000 if the ransom’s not been paid within three days.

Security experts are still advising anyone unfortunate enough to find their data encrypted not to give in to the blackmailers demands as this will merely encourage them. Instead, they advise internet users to be vigilant and to avoid downloading anything that appears suspicious.

This latest version of GandCrab appears to target users of Wordpress sites so it’s logical to conclude that those who frequent sites that utilise this platform remain mindful of the fact that they’re placing themselves in a potentially vulnerable position.

If you’ve been the victim of a ransomware attack, Fields Data Recovery can help. You can book a free data recovery diagnostic here

Is flash the future for data storage?

Over the past few decades, hard drives have been the most common form of data storage for both individuals and businesses alike. Devices utilising flash media such as SSDs and USB ...

Don't be a Statistic! Why Regular Data Recovery Testing and Verification is So Important for Your Business

When was the last time you took the time to test and verify your business's data recovery plan? It's easy to put off, but regular testing and verification is crucial to ensuring th...

The Pros and Cons of Cloud-Based Data Recovery: Are you Ready to Make the Switch?

As technology advances, the way businesses handle their data changes as well. Data recovery solutions have never been more important than they are today. And with the rise of cloud...

Navigating Local Data Recovery: Fields Data Recovery Leading the Way

Introduction:In the realm of data recovery, local expertise can make all the difference. When faced with the critical task of recovering your valuable data, having a local partner ...