The surprising thing is that anyone can create this on the dark web; all you need to do is pay 25% of the money generated to the authors. According to security expert Fabian Wosar, via Betanews, “The initial infection method is nothing out of the ordinary, involving little more than using spam emails to lure victims into installing the ransomware. Delivered as a compressed RAR file, Ransom32 self-extracts and uses WinRAR’s scripting language to configure the malware to launch at system startup, establishing a connection to a ‘command and control server’ using the bundled Tor client. Files are encrypted and a ransom note is issued, warning that the cost of decrypting files will increase as time goes by.”
So what can you do to protect yourself? Unfortunately, since anti-virus software manufacturers have been slow to push out definitions that detect Ransom32, you will get little help from them. What you can do is:
- Have a backup strategy in place.
- Do not access .zip attachments in e-mails from unknown senders.
- Do not click links in e-mails from unknown senders. If you can see the actual link, copy and test it using this website.
- Avoid questionable websites and never click links on unknown web pages.
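
The delivery method in the quote above, a self-extracting RAR, is a Windows executable with a RAR archive appended, so a mail filter can recognise it by content even when the file name is disguised. The following Python check is an added example, not from the original post; the sender allow-list, the block/quarantine/allow verdicts and the sample bytes are assumptions constructed for illustration.

```python
import struct

RAR_MAGICS = (b"Rar!\x1a\x07\x00", b"Rar!\x1a\x07\x01\x00")  # RAR 4.x and RAR 5 markers
ZIP_MAGIC = b"PK\x03\x04"

def is_pe(data):
    """True if data starts with a DOS 'MZ' header whose e_lfanew points at 'PE\\0\\0'."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        return False
    (pe_offset,) = struct.unpack_from("<I", data, 0x3C)
    return data[pe_offset:pe_offset + 4] == b"PE\x00\x00"

def classify(data):
    """Classify an attachment by its content, ignoring the file name."""
    if is_pe(data):
        # A self-extracting RAR is an executable stub followed by the archive.
        if any(data.find(magic, 0x40) != -1 for magic in RAR_MAGICS):
            return "sfx-rar"
        return "executable"
    if data.startswith(RAR_MAGICS):
        return "rar"
    if data.startswith(ZIP_MAGIC):
        return "zip"
    return "other"

def triage(sender, data, known_senders):
    """Return (kind, verdict). The verdict names are hypothetical policy labels."""
    kind = classify(data)
    if kind in ("sfx-rar", "executable"):
        return kind, "block"          # programs never belong in mail
    if kind in ("rar", "zip") and sender.lower() not in known_senders:
        return kind, "quarantine"     # archive from an unknown sender
    return kind, "allow"

def make_fake_pe(payload=b""):
    """Constructed sample: smallest header that passes is_pe(), not a real program."""
    header = b"MZ" + b"\x00" * 0x3A + struct.pack("<I", 0x40) + b"PE\x00\x00"
    return header + b"\x00" * 64 + payload

if __name__ == "__main__":
    known = {"colleague@example.com"}  # assumed allow-list
    samples = [
        ("stranger@example.net", make_fake_pe(RAR_MAGICS[0] + b"constructed")),
        ("stranger@example.net", ZIP_MAGIC + b"constructed"),
        ("colleague@example.com", ZIP_MAGIC + b"constructed"),
    ]
    for sender, data in samples:
        print(sender, triage(sender, data, known))
```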
Every spirit of Ransom32 is sent back to the sender, can I hear an Amen?