Ransomware has been around for a few years, but in last two years, it has become one of the fastest growing threats to businesses and users across the world, so will be in 2017.
Ransomware is a piece of malware that encrypts files on your computer with strong encryption algorithms and then demands a ransom money in Bitcoin to decrypt the data so you can regain access to your encrypted files.
We have seen some nastier ransomware infections over the past couple of years. The most interesting one was Popcorn Time that decrypts victims files for free if they pass the infection on to other people.
Now, a new strain of ransomware takes the infection to a whole new level of craziness.
Dubbed Koolova, the ransomware will restore your encrypted files for free, just like Popcorn Time. The only difference between both the infections is that you don’t have to infect others to get free decryption key.
Instead, all you have to do is educate yourself about ransomware by reading two cyber security awareness articles about avoiding the infection.
Discovered by security researcher Michael Gillespie and reported by BleepingComputer, the Koolova ransomware is not professionally coded and appears to be a work in progress.
The ransomware requires a lot of technical knowledge to get to the ransom demand screen that asks victims what they need do in order to avoid erasure of their data.
Once infected, Koolova encrypts the victim’s files and then displays a warning screen where the text tells the victim to open and read two articles before they can get the ransomware decryption key.
If the victim is too lazy to read both articles, Koolova starts a countdown that if gets to zero, the ransomware will delete the encrypted files like Jigsaw malware.
But once the victim reads both articles, the Decrypt My Files (Decripta i Miei File) button becomes available. On clicking this button, Koolova will connect to the Command-and-Control (C&C) server and retrieve the decryption key.
The victim will then be able to take that decryption key and enter it into the key field to decrypt files.
Although the motive behind the ransomware attack is not to harm people, these kinds of actions are considered to be illegal in many countries. On January 1, a new law went into effect in California that outlaws the use of ransomware.
Do you consider educating people about any threat like this a good practice? Hit the comments below.