News Feature | January 5, 2015

2 New Strains Of Ransomware Reported

By Cheryl Knight, contributing writer

A blog by security awareness training provider KnowBe4 details two new strains of ransomware being targeted at individuals and companies in the U.S. The strains have, so far, been confined to other countries, but IT solutions providers need to prepare for the new malware before it surfaces here.

OphionLocker And TorrentLocker

The two new malware versions are OphionLocker and TorrentLocker. OphionLocker, unlike previous ransomware versions, generates a unique ID number based on various serial numbers, such as those of your motherboard and hard drive, and other information. The malicious program then checks the ID it has generated to see whether the machine has already been encrypted. When infected users go to the malware site, they are prompted to enter the ID provided. After they enter the ID, the site shows the ransom amount and where users need to send their payment in bitcoin.

While infection can cause all sorts of problems, there are ways to recover files from the OphionLocker ransomware without resorting to paying money, including the use of a file recovery tool.

TorrentLocker, on the other hand, stores the keys produced by the malware on a remote server, making it impossible to decrypt the infected user’s files. Furthermore, the encryption uses AES with 256-bit keys.

How To Guard Against Infection

The best way to guard against any type of ransomware, according to a recent BSM article, is to back up, both on- and off-site. Other steps companies can take to prevent their data from being taken hostage are proper patch management and keeping plug-in numbers to a minimum. A final step is training your customers on what to look out for and on proper security procedures.

KnowBe4 CEO Stu Sjouwerman says to remind your customers: “Think before you click. Don’t open anything from someone unless you are expecting it. Hover over an email address to make sure it’s from a valid domain, one you know and recognize.”