It seems like every other week these days, the news carries mentions of ransomware or malware unleashed to hold the information of unsuspecting people and businesses for, as the name indicates, ransom. It is a lucrative and growing form of theft, with 167 times more ransomware in 2016 than in 2015. Yet this week, what was first thought to be the latest ransomware attack turned out to be something intended to be much worse.
The infection that caused havoc this week, known as Petya/ExPetr, acted like ransomware at first look: it would pop up and lock data behind a fake screen demanding money for a code to unlock the data and break the encryption. However, there were holes in the way it operated, and after analysis experts quickly realized that the codes customers had paid for were useless. This malware attack wasn’t meant to ransom data; it was meant to destroy it. The alleged unlock codes were just random characters that failed to decrypt anything. It wasn’t spread to make anyone money. Experts are calling it a “wiper”. Data on infected systems is lost forever.
The list of infected people and businesses grew rapidly, but security firms also jumped right into action. There are ways to catch a potential infection and stop it.
We’ve long been advocates of staying on top of security and protecting your data. Maintenance is one of the many services we provide, and we understand that losing access to everything on your computer, or even an entire office network, could be devastating and costly to address. That is the case even when the data that has been encrypted or infected can be cleaned up and restored. In the case of this latest round, that data is simply lost, and the extent of the loss is not yet known.
Imagine if your data was suddenly lost forever. We’re often able to recover data lost to drive failure, erasure, or common malware infection, but this is worse.
And it’s preventable! Be proactive and save yourself the trouble by contacting us. We’ll set up options to meet your needs, from data backups and top-of-the-line anti-malware and virus protection to regular maintenance.
There’s a new malware attack seriously infecting computers and stealing data, but the most surprising part of it might be that the targets are Mac computers running OSX. While Apple has taken measures to prevent attacks from the malware, known as OSX.Dok, some users may have already allowed it to live on their machines. OSX.Dok will reinfect the computer it is installed on every time the computer reboots.
OSX.Dok is unique in that it has been called “the first major scale malware to target OS X users via a coordinated email phishing campaign” by Check Point. It’s true that malware and phishing attacks like this are usually more apt to snare PC users, but this is one you should pay attention to. Do not click or download any strange attachments or files, and be on the lookout for a .zip file called Dokument.zip.
If you’re infected, you may see fake fullscreen messages claiming that there are OSX updates to be installed and requesting your password. Do not enter any information if you see one of these screens appear.
Doing so would give the malware administrative privileges and install it on your system, after which it would be able to steal your data. It could also potentially steal any saved passwords, financial information, or any other sensitive or personal information on your computer.
Mac OS may often be safer from phishing and malware attacks, but this shows that it is definitely not impossible to infect one. Although this attack seems to primarily target European users, email has global reach and could have sent this anywhere.
Apple’s response has been to revoke the privileges of a certificate that has been potentially hijacked to serve as an agent facilitating this malware, so the malware will likely now be rejected even if it finds its way to your inbox and you aren’t careful. If you are infected, contact a trusted computer repair professional, who will be able to remove this malicious software and restore your computer to working order quickly.