Earlier this year, the California-based cybersecurity firm Bromium issued a warning about a then-new strain of ransomware called TeslaCrypt, which primarily focused on attacking game files and game platforms including Minecraft, World of Warcraft, Call of Duty, Diablo, several EA Sports titles, and many more (though after encrypting a victim's game files, it would then spread to encrypt Word documents, Excel files, PowerPoint presentations and various image files, too).
Now TeslaCrypt is back: the research firm Kaspersky has warned about the updated TeslaCrypt 2.0, which has been refined, strengthened, and also disguised as an older form of ransomware called CryptoWall.
As its name suggests, ransomware is a type of malware that lets attackers hold a victim's device and/or files for ransom, by encrypting the files and refusing to decrypt them unless the victim pays money (usually via Bitcoin or wire transfer, both of which are untraceable).
Form of extortion
Like all cybersecurity threats, ransomware appears in many forms. In January, investigators in Tennessee discovered a particularly nasty variant: after taking control of a victim's smartphone, the hackers would then plant child pornography on the device and refuse to remove the images or otherwise relinquish control unless the victim paid $500. The phones' owners cannot delete the pictures, and they're usually afraid to contact police for fear they'll be arrested for possession of illegal images.
A teenager in Washington State apparently fell victim to child-pornographic malware last month. The Renton Reporter's police blotter from July 12 said that:
A 16-year-old boy who viewed pornography on his phone discovered it was infected with “ransomware” when he tried to free up space.
He and his mother went to the Police Department on June 17 to report the ransomware, which was activated when he attempted to delete a URL.
An officer scrolled through the screens on the phone, noticing sexually explicit photographs of people, some of whom looked younger than 18.... With permission, the officer tried to remove the ransomware but the fix didn’t work.
The boy told the officer he didn’t download any photos. Because of the boy’s age, the officer placed the phone into evidence so the boy wouldn’t get into trouble for possessing pornography. The boy said OK.
In Texas, the Austin Police Department issued a July 15 warning about another ransomware strain, this one snaring victims by initially pretending to be messages from law enforcement agencies: “Forms of ransomware which impersonate law enforcement agencies have been on the rise. These forms of the malware typically show a notification page from either a federal law enforcement agency or from the victim’s local law enforcement agency informing the user that they have committed illegal activity online and have been given a fine.”
Back up your files
Ransomware is another form of malware and is spread like any other kind: through spammy emails or text messages, virus-riddled file attachments, and similar techniques. Even if you have the bad luck to be infected, it generally won’t be a problem if you have backup copies of all your files; rather than pay the ransom, you can wipe your device clean and use your uninfected backup files to restore it.
If you don't already have backup copies of all your important files – not just on your home computer, but also your tablet, smartphone, and anything else holding important data you don't want to lose – you should make copies right away, and either keep them on a dedicated thumb drive or flash drive, or burn them onto a disc.
In addition to these physical media storage options, you also have the option of hiring a backup service — though that brings the usual risks that come with entrusting your data to anyone other than yourself.