Microsoft warns users against fake ransomware that spreads data-wiping malware

Microsoft has warned users of a fake ransomware cyberattack that spreads malware, which erases data from various organizations in Ukraine.

(Photo: Photo by Drew Angerer/Getty Images)
The Microsoft logo is lit up on a wall during a Microsoft launch event to showcase the new Microsoft Surface laptop and Windows 10 S operating system on May 2, 2017 in New York City. The Windows 10 S operating system is aimed at the education market and is Microsoft’s answer to Google’s Chrome OS.

Microsoft and fake ransomware

According to Microsoft’s blog post, its cybersecurity team discovered a new system that erases files from various organizations, such as government and nonprofit groups in Ukraine.

Microsoft further stated that the new malware program targets organizations that work with the Ukrainian government.

Microsoft Vice President and Customer Security and Trust Tom Burt said in a blog post that the new “malware is disguised as ransomware but, if activated by the attacker, would render the infected computer system unusable. “.

The Microsoft executive said he was reporting his latest discovery to help others defend against similar cyberattacks, which could completely destroy their files.

Read also : Microsoft launches Pluto Chip to help improve security | BitLocker, Windows Hello and System Guard

Fake ransomware and data erasing malware

According to Bleeping Computer’s report, the new malware that masquerades as ransomware is called “WhisperGate”.

The online media showed a ransomware note of a WhisperGate malware cyberattack, in which it demanded payment in cryptocurrency from its victims.

The ransom note begins by informing the target that their “hard drive has been corrupted”. After which, the threat author adds that there is an option to recover all hard drives affected by the attack.

Then the cyberattacks asked their victims to send a heavy ransom to a Bitcoin wallet address. The ransom note specifically demanded the colossal sum of $10,000 of the best cryptocurrency to bring their systems back to normal.

The note ended by saying that the victims would receive additional instructions from the hackers along the way.

Microsoft said the ransomware note was communicated to the victim via Tox. Therefore, it is false in the first place.

On the other hand, BleepingComputer noted in the same report that previous ransomware attacks used Tox as a way to reach their victims. So this does not automatically mean that the attack is completely wrong.

But besides this, Microsoft has noted another reason that makes the entire cyber system fake ransomware, which focuses on wallet address and decryption key.

For example, the tech giant observed that attackers used a single Bitcoin wallet address for all of its victims.

Moreover, even if the target of the ransomware attack has already paid the ransom amount, the attackers don’t provide any decryption key.

BleepingComputer further stated that the crypto wallet and lack of decryption key clearly suggests that the latest malware is just pretending to be a ransomware attack.

Instead, the new scheme wipes out its victims’ systems and at the same time, hackers profit from it as well.

Related article: Microsoft Improves Sexual Harassment Policies Thanks to Natasha Lamb’s Influence on Other Investors

This article belongs to Tech Times

Written by Teejay Boris

ⓒ 2021 All rights reserved. Do not reproduce without permission.

Source link

Steven L. Nielsen