Many of us often download free games and software from the internet without any hesitation. But did you know, often these games contain ransomware that is downloaded in your phone or desktop along with the free product?
McAfee noticed the Anatova ransomware on January 1 and declared it part of infamous ransomware families like Crysis and Gandcrab. According to McAfee, the ransomware makes use of RSA keys and strong encryption to block users from accessing their PCs.
Upon further investigation, McAfee observed that the ransomware uses a variety of tactics to temp the users towards their fraudulent activities. This also helps them conceal their identity from cybersecurity.
The lead scientist and principal engineer at McAfee confirm the findings of the malware that has the potential to become very dangerous. Moreover, the tactics used by the Anatova ransomware indicate that hackers are professionals with enough experience in the field. They have also confirmed the effectiveness of the ransomware to add enough functionality that lack in typical hacking attempts.
The function of Anatova is similar to other ransomware. Once a victim is decided, the RSA pair of keys is generating using crypto API. The keys will code all strings before generating random keys and deploy the ransomware fully on the host’s system.
Once the hackers get hold of a system – they lock the files on the computer and demand cryptocurrency of 10 Dash that is equal to $700.
Anatova gives out a cryptocurrency wallet address and asks the owners of the system to email the hackers for the decryption keys.
As of writing this report, researchers at McAfee are not certain about the identity of the ransomware authors.
McAfee noticed the Anatova ransomware on January 1 and declared it part of infamous ransomware families like Crysis and Gandcrab. According to McAfee, the ransomware makes use of RSA keys and strong encryption to block users from accessing their PCs.
Upon further investigation, McAfee observed that the ransomware uses a variety of tactics to temp the users towards their fraudulent activities. This also helps them conceal their identity from cybersecurity.
The lead scientist and principal engineer at McAfee confirm the findings of the malware that has the potential to become very dangerous. Moreover, the tactics used by the Anatova ransomware indicate that hackers are professionals with enough experience in the field. They have also confirmed the effectiveness of the ransomware to add enough functionality that lack in typical hacking attempts.
Also Read: Google steps up to help users against phishing attacksThe ransomware targeted several countries of the European markets including the UK, Belgium, and Germany. However, the internet users of the US were the most affected.
The function of Anatova is similar to other ransomware. Once a victim is decided, the RSA pair of keys is generating using crypto API. The keys will code all strings before generating random keys and deploy the ransomware fully on the host’s system.
Once the hackers get hold of a system – they lock the files on the computer and demand cryptocurrency of 10 Dash that is equal to $700.
Anatova gives out a cryptocurrency wallet address and asks the owners of the system to email the hackers for the decryption keys.
As of writing this report, researchers at McAfee are not certain about the identity of the ransomware authors.
