The New Year has barely begun, and we already have a new ransomware, known as Ransom32, very similar to the Cryptolocker virus and just as devastating. What makes this ransomware unique is that it is the first JavaScript ransomware that can affect Windows, Mac and Linux. It is being sold on the “dark web” as a ransomware-as-a-service in exchange for a 25% cut of the ransom profits.

Ransom32 is a cross-platform operating ransomware. It is also more difficult to detect, because of it legitimate framework, again resembling the Cryptolocker virus. (See our article on the Cryptolocker virus.)

The malicious files are hidden inside emails, often in a delivery notice or a notice of unpaid invoices. It then encrypts the victim’s files, photos, documents and other data. When the computer is turned on, the ransom note is on the screen. Victims are given four days to pay the ransom before the amount goes higher. After seven days, all encrypted data can no longer be recovered. As we have cautioned customers in the past, do not pay the ransom, but immediately seek the help of your professional IT consultants, to ensure that your data is retrieved and you are not held at the mercy of malware criminals.

To protect yourself from Ransom32 and other viruses, remember the following:

  • Keep backing up on a regular basis.
  • Run an active anti-virus on your systems.
  • Do not open email attachments from unknown sources.
  • Always browse the internet safely.
  • Make sure that all of your employees follow these guidelines. Often, it is one unsuspecting employee, whose actions can cripple a company’s IT.

Stay safe in 2016!

Please feel free to contact us for any more information or an evaluation of your IT security.