Anatova ransomware: A new type of ransomware is disguised as an app or game cheating its victims, who think they are installing something completely harmless on their computer.
Anatova ransomware first appeared on 1 in January and the code it contains suggests that its developers are very experienced.
It has the ability to transform quickly, as new cloaking tactics and new propagation mechanisms can be easily added. Anatova ransomware comes equipped with very strong encryption, using two wrenches RSA to lock its victims' files.
Due to these possibilities and the way malware develops, the security researchers McAfee, who discovered the ransomware, warn that Anatova is a project of skilled developers and is a very serious threat.
“Anatova has the potential to become very scalable with its modular architecture, which means new features can be added easily. The malware is written by experienced programmers who have built in enough features to make sure that standard methods protectionransomware can be overcome and are ineffective,” says Christiaan Beek, head of research at McAfee.
The largest number of victims to date are in the US, Belgium, Germany, France, the United Kingdom and other European countries.
Anatova is disguised as a free game or software, which aims to attract unsuspecting users to download and install the ransomware. Researchers say, however, that it could be spread in many different ways in the future.
Malicious software after installing it into a system creates two RSA keys using a crypto API that will encrypt all the strings before creating the random keys to encrypt the victim's system.
Those infected with Anatova will also see the note about the ransom which require about 700 dollars to decrypt the files.
The note gives one wallet address for payment in cryptocurrencies, and states somewhat ironically “nothing personal, only business”.
One last thing to mention is that Anatova ransomware does not pollute systems from Russia, Syria, Egypt, Morocco, Iraq and India.
______________________
- Deep Learning who I kill in the event of an accident
- Mark Zuckerberg: announced public debates on 2019
- Microsoft agreement 1,76 twice with the Pentagon
- NSA capture leaker with the help of Kaspersky Lab