[SingCERT] Advisory on Ransomware

[ Background ]

There are millions of new types of malware detected every year - some of which affect computers and others mobile devices. Malaware that locks or encrypts users' information and demands a ransom to unlock it is known as ransomware.

Recent ransomware that affect personal computers include Gameover Zeus and CryptoLocker which encrypts a user's information and demands a ransom from the user in order to decrypt the files.

For mobile phones, malware such as Koler and SimpleLocker lock up users' phones and require a ransom to unlock them.

[ Impact ]

Systems infected by ransomware could be used to send spam and participate in distributed denial of service (DDoS) attacks. Infected systems could also lose sensitive information (e.g. usernames, passwords, banking information).


[ Solution/Workaround ]

Users need to be vigilant and take the necessary cyber security precautions such as:

General

  • Scan your phone and computer regularly with anti-malware scanner and remove the threats found.
  • Install an anti-malware scanner to protect your phone and computer.

For Personal Computers

  • Change all usernames and passwords from a trusted computer. For more information on creating a strong password, users may refer to GoSafeOnline.
  • Keep your operating system and software up-to-date.
  • Back up your important files regularly.

For Mobile Phones

  • Download and install apps from official sources (e.g. iTunes store, Android Play Store).
  • Disable the installation of apps from unknown sources for Android phones (Settings > Security > uncheck Unknown sources box).

[ References ]

http://www.justice.gov/opa/pr/2014/June/14-crm-584.html
https://www.us-cert.gov/ncas/alerts/TA14-150A
http://www.bleepingcomputer.com/virus-removal/CryptoLocker-ransomware-information
http://www.f-secure.com/weblog/archives/00002712.html
http://www.channelnewsasia.com/news/technology/malicious-sms-6-things/1492596.html