KnowBe4 CEO Stu Sjouwerman issued a warning of a new strain of ransomware - a self-replicating parasitic virus called VirRansom. This new strain is a hybrid that combines CryptoLocker and CryptoWall functionality with active self-replicating virus infections of all the files it can find.
Like the cybercrime Reveton family of malware, it locks the PC's main screen demanding 0.619 Bitcoin to let you back in.
According to researchers at Sophos, most worms leave a handful of infected files that weren't there before and need to be deleted. Parasitic viruses, in contrast, may leave hundreds or thousands of infected files on each computer. If even one of those infected files are left behind after a clean-up, the infection will start up all over again.
Sjouwerman suggests IT managers mitigate these types of threats through both technical measures and enforcing security policy, such as:
1.Test the Restore function of your backups and make sure it works and have a full set of backups offsite.
2. Start thinking about asynchronous real-time backups so you can restore files with a few mouse clicks.
3. Get rid of mapped drives and use UNC (universal naming convention) links for shared folders.
4. Look into Whitelisting software that only allows known-good executables to run.
5. Update or enforce security policy best practices, such as thorough effective security awareness training to prevent these types of infections to begin with, as the infection vector is your end-user opening up an attachment or clicking on a link.
For more information visit: www.KnowBe4.com
