Ransomware authors have been having a merry time throughout 2016. And the onslaught continues.
As is common knowledge by now, Ransomware is malware that infiltrates systems and devices via downloads/emails/websites and encrypts users’ data files. The malicious program then asks for a ‘ransom’ from the user(s) in exchange for a decryption key for the locked files.
Of late, Ransomware creators have increasingly been taking references from pop culture. The latest to join the bandwagon is ‘Odin’ Ransomware, the updated version of Locky. But before going into how Odin works, here’s a brief recap of others taking a cue from popular movies and comics:
Possibly the first Ransomware to start this interesting nomenclature was Jigsaw. It was named – rather obviously – after the diabolical and sadistic mastermind in the Saw series. The films went on to become a ‘cult’ within lovers of the torture porn/horror genre.
The Jigsaw Ransomware was first spotted in April this year. Much like the villain it’s named after, Jigsaw taunted victims with lines like ‘I want to play a game with you’. It not only preyed on people’s fear of losing data permanently but also threatened to publish their personal files on a public domain if they failed to pay up. Eventually, a decryption key was created to tame Jigsaw.
Many of us who grew up in the 80s and 90s would remember the purple-spandex-clad vigilante-superhero Phantom. He might be a ‘forgotten hero’ today, but 90s heartthrob Billy Zane did a movie called ‘The Phantom’ way back in 1996. Fantom could also possibly be a reference to the disfigured anti-hero in Phantom of the Opera, the well-known French Gothic Horror novel, which was later turned into a film of the same name.
Jakub Kroustek, a malware researcher at AVG, was the first to discover Fantom in late August. It had an interesting mechanism to cheat victims out of their data. It operated – much like a Phantom – behind a fake Windows Update dialogue box. By the time users figured out the trick, their systems would already be infected by Fantom.
This one pays a direct homage to Voldemort, the villain in the wildly popular Harry Potter series. The Ransomware is named after Nagini, the pet snake who devours anyone the evil Wizard has an enmity with.
Although it was in testing mode in late September, the Ransomware asked for credit card details for payments instead of bitcoin, the standard ransom currency.
Of all the Ransomware strains detected during the last two weeks, Odin is the most worrisome. Odin is Thor and Loki’s father. Marvel fans would be all too familiar with these names.
Odin is the re-invention of the Locky/Zepto strain of Ransomware. It works more or less like Locky, although the infected file extensions become ‘.odin’. However, Odin-hit files can be decrypted.
There is no specific ‘cure’ or even a ‘blocker’ for Ransomware attacks. But cyber security professionals usually come up with decryption keys, which are distributed free of charge to help victims. However, the best possible way to keep Ransomware from bothering you is to back up your important files on a safe and secure server.
You can try using Right Backup to upload your data to cloud storage. It’s a secure cloud service to back up data with affordable storage plans. For more details on this service, visit www.rightbackup.com
What do you think of this mishmash of pop culture and one of the most widespread cyber threats of this decade? Let us know in the comments below.