May, 2017

Protect yourself from WannaCry and Jaff ransomware

The WannaCry cyberattack recently infected more than 300,000 computers worldwide. It holds a computer hostage until the user pays a certain amount of money to the hacker. However, there is no guarantee that a user gets data back when hackers receive money. According to Tom Bossert, assistant to the president for homeland security and counterterrorism, less than $70,000 was paid to the ransom hackers and that he was "not aware of payments that led to any data recovery".

Ransomware Encryption

Another malicious file-encrypting program is called Jaff and distributed via mass email spam sent by Necurs botnet which first appeared in 2012 and is considered to be one of the largest and longest-running botnets these days. According to the recent research done by IBM Security, Necurs currently controls more than 6 million infected computers worldwide and is capable of sending batches of millions of emails at a time. Necurs is the main distribution channel for some of the worst banking Trojan and ransomware programs and, in this way, it is indirectly responsible for the large percentage of the world's cybercrime. The new Jaff file-encrypting ransomware is similar to the infamous Locky and Bart ransomware programs in many ways, but it uses a different code base, so it is a separate program. Another interesting aspect is that it is demanding 2 Bitcoins (approx. $3,700) to unlock the encrypted files on an infected computer, which is much higher than what most other ransomware programs ask for.

ACE Data Recovery team is concerned about protecting your data, so we urge you to take necessary measures to safeguard your computer against ransomware infection because even the best data recovery services providers cannot help when your data was encrypted by ransomware viruses like WannaCry and Jaff. We recommend immediately turning on automatic updates and patch your systems as only computers that can be compromised by the WannaCry virus are the ones that do not have the latest security patches available from Microsoft. Second, you should always be suspicious of unsolicited documents sent to you by email and never allow the execution of active content inside attached documents unless you can verify their source. Finally, you can protect yourself against ransomware by making regular backups of your critical files on external storage devices that are not always connected to your PC. Therefore, you'll have most of your data safe when something unexpected happens.