Watch out! Anatova is a new ransomware that targets gamers
Researchers at McAfee have flagged a dangerous form of ransomware, one that poses as games and appears to be compromising several users across the world. The virus carries the ability to morph quickly, which allows it to trick unsuspecting users into believing it's a legit, downloadable program. However, in reality, it locks them out of their PCs and demands money. Here's more about it.
Anatova will lock your files, seek ransom
The ransomware, which has been dubbed Anatova, masquerades as free games and programs to lure unsuspecting users into downloading it. Once installed and launched, the program uses a pair of RSA keys, a strong encryption tactic, to lock the files on the targeted system, ZDNet reported. After this, it demands a crypto-payment of 10 dash or approximately Rs. 50,000 in exchange for the files.
And, it warns against decrypting files
After fully deploying, Anatova presents a strongly-worded ransom note from its creators, which presents a payment address for making the payment and an email address to confirm the payment and receiving a decryption key. Notably, the attackers even warn the victims against retrieving files themselves.
Anatova already affected many users
Users in several countries appear to have been affected by the ransomware, including those in US, Britain, France, and Germany. "Anatova has the potential to become very dangerous," McAfee's engineer Christiaan Beek said, noting that it has been developed by experienced attackers who have embedded enough "functionalities to make sure that typical methods to overcome ransomware will be ineffective".
Plus, its modular architecture is even dangerous
MacAfee's team analyzed the code of the ransomware and found that it carries a modular architecture, something that its developers could leverage to make it even more dangerous or to add new evasion or spreading techniques. As of now, it spreads through peer-to-peer networking.
No clue about the attackers
Having said that, it is also important to note that researchers still don't know who is behind this dangerous ransomware. The virus refuses to affect users in the Commonwealth of Independent States as well as those in Syria, Egypt, Morocco, Iraq, and India. This could be an indicator of where the attackers might be located, but there's no way to be sure at present.
However, you can avoid attacks like this
Such attacks can easily compromise your financial and personal data, but you can easily avoid them by using a reputed, updated anti-virus program. Also, as an additional line of security, don't download unknown programs and games from the internet. Free programs serve as a bait to lure unsuspecting users and you should be very careful (check its developer's details) while installing any known file.
