Anatova ransomware: A new type of ransomware is disguised as an app or game cheating its victims, who think they are installing something completely harmless on their computer.
Anatova ransomware first appeared on 1 in January and the code it contains suggests that its developers are very experienced.
It has the ability to transform quickly, as new cloaking tactics and new propagation mechanisms can be easily added. Anatova ransomware comes equipped with very strong encryption, using two wrenches RSA to lock its victims' files.
Due to these possibilities and the way malware develops, the security researchers McAfee, who discovered the ransomware, warn that Anatova is a project of skilled developers and is a very serious threat.
“Anatova has the potential to become very scalable with its modular architecture, which means new features can be easily added. The malware is written by experienced developers who have built in enough features to make sure that standard ransomware protection methods can be bypassed and are ineffective,” says Christiaan Beek, head investigations by McAfee.
The largest number of victims to date are in the US, Belgium, Germany, France, the United Kingdom and other European countries.
Anatova is disguised as a free game or software, which aims to attract unsuspecting users to download and install the ransomware. Researchers say, however, that it could be spread in many different ways in the future.
Once installed on a system, the malware generates two RSA keys using a crypto API that will encrypt allseries, before generating the random keys to encrypt the victim's system.
Those who get infected with Anatova will also see the ransom note that requires about 700 dollars to decrypt the files.
The note gives a wallet address for payment in cryptocurrency, and somewhat ironically states “nothing commitment, only business".
One last thing worth mentioning is that Anatova ransomware does not infect systems by Russia, Syria, Egypt, Morocco, Iraq and India.
______________________
- Deep Learning who I kill in the event of an accident
- Mark Zuckerberg: announced public debates on 2019
- Microsoft agreement 1,76 twice with the Pentagon
- NSA capture leaker with the help of Kaspersky Lab