Mac Ransomware? Yup…

Ransomware knows no bounds

Nicole Reineke at Unitrends recently published an article about a new attack vector for ransomware: Macs (https://www.unitrends.com/blog/mac-ransomware). She says, “…and although it is crude, it is certainly effective.”

“There is no truth to the idea that Apple’s computers are somehow harder to hack—either through viruses, exploits, or social engineering—than their Windows or Linux counterparts. The reason for their relative security is simple. Apple computers represent only 7.4% of the global market share, and 13% of the market share in the US. With fewer computers on the market, it’s simply not been worth it for hackers to write specialized malware.”

Quoting further from the article:

“Crude, slightly broken, and definitely dangerous

This new ransomware variant, the creatively-named MacRansom, is definitely not up to the standard of the finely-crafted malware, such as Cryptolocker, that’s been giving Windows users so many headaches. It only encrypts 128 files at a time, and it’s so poorly coded that it mangles the files it encrypts. Unfortunately there’s still a way that they can get a hold of your enterprise backups albeit slowly.

Therefore, even if victims pay up the $700 ransom, they’ll never be able to fully restore that data.

There are some technically-sophisticated aspects to this virus, but nothing stunning. It copies features that were used in previous versions of Apple ransomware, such as KeRanger, and incorporates techniques to hide itself from antivirus. These are all features that have been seen before on malware targeted at Windows machines.

The real danger posed by MacRansom isn’t in its technical wizardry, but rather in its availability. MacRansom is part of a growing category of ransomware known as Ransomware-as-a-Service (RaaS). MacRansom isn’t the sole intellectual property of a single group of criminals—it’s for sale.”

Security is no longer a concern of “only” Windows users. Security is an all-the-time thing online. Keep your passwords complex and random, and change them often. Keep your machines patched and have a solid protection plan in place.

We are happy to assist with your security needs. We have a full range of security and backup solutions from on-premise to on-the-cloud. We can help. Contact us today!

Another Day, Another Ransomware Attack: “Nyetya”

The Bad Guys know no shame. It appears they’re going to try every one of the tricks that was leaked from the NSA tool kit. Oh, goody. I’m saying “nyet” to “Nyetya”.

If you have servers (or even one server), you need to make sure you have all the latest patches from your Server Software Vendor. Besides Microsoft, that also extends to Linux (and all the variants) and even Apple products. There is no “safe” operating system from these latest attacks. Your computer (workstation) is the perfect delivery mechanism for the server attack, so it’s important you keep whatever Security Suite you have up to date and fully patched. (I’m assuming you’re already keeping up with all the Microsoft and other Operating System Vendor updates regularly, right?!?)

We can provide assistance with patching all of your equipment and we also sell the Trend Micro Security Suite. We can cover your servers and your workstations (even your mobile devices) with some of the very best protection available on the Internet. You can book us online at http://connect.daviestrek.net and we’d be happy to assist you in keeping the Bad Guys at bay.

Want to know more about this latest round? Here are a couple of really good informational sources.

From Trend Micro: https://blog.trendmicro.com/trendlabs-security-intelligence/large-scale-ransomware-attack-progress-hits-europe-hard/

From Cisco’s Talos Intelligence Group’s Blog: http://blog.talosintelligence.com/2017/06/worldwide-ransomware-variant.html