New Ransomware virus causing havoc with PC's and smartphones


At some point in your computer-using life, you’ve almost certainly found yourself at the mercy of some sort of computer virus, quite probably without even knowing about it. You could have received it in an email, from a flash drive or, infamously, by installing a toolbar.

Many viruses are relatively harmless, just causing irritating pop-ups or changing your homepage and search engine, but others are anything but. The most destructive computer virus ever, MyDoom, caused over $38 billion dollars of damage, almost half a trillion Rand, in 2004. More recently, a virus called Stuxnet infected an Iranian nuclear plant and caused the uranium enrichment centrifuges to spin so fast they destroyed themselves, severely hampering the program.

But for the normal people of the world, a new kind of virus is more terrifying that anything that has come before it. Known as ransomware, this new breed of virus is infecting increasing numbers of computer across the globe, often with highly traumatic consequences.

Read: Swine flu used to spread computer virus

Ransomware can infect one’s computer in a number of ways, including through other viruses already on your machine, but the most common is through email. Then, once installed, it starts living up to its name.

Firstly, the virus takes control of your system, usually through a full screen message that cannot be closed. Then, it encrypts the hard drive of the computer, rendering all information on it inaccessible, including the virus itself. By this point it is virtually impossible for the user to remove the virus.

With the user completely helpless, the virus offers up the ransom. Pay a certain amount of money into an account, and you will regain control of your device. Payment details will be displayed on the screen and amounts can vary from $50 up to several hundred, said the FBI in a report on the threat.

The user is faced with a very difficult choice. They can either pay the money and hope the virus lives up to its word, or they can forfeit their hard drive and all the documents on it. Some variations force the user’s hand even further, one kind is reported to threaten users that if they don’t pay the ransom the virus will download child pornography to their hard drive and inform the authorities, according to SecureList, an internet security site. In these situations simply ignoring the virus is not an option.

Ransomware isn’t a new thing, early cases were reported in 1989, but recently it’s been on the rise. Much of this growth is driven by the fact that those behind the viruses are now targeting arguably even more important technology: smartphones and tablets.

Read: South African's secret porn viewing habits.

Lookout, a company that produces security software for smartphones, estimated in its 2014 report that in the previous year alone, 4 million US users of Android phones were victim to Ransomware. Data released by Effective Measure, a web analytics firm, in August last year indicated that 40% of South African phone users owned Samsung devices, most of which run Android. This means that there are around 8 million vulnerable smartphone users in the country, a number which will only increase as android-based phones continue to gain market share on the back of declining Blackberry sales.

Blackberry and iPhone devices are relatively resistant to viruses of any description and as yet there are no reports of Ransomware affecting such phones.

The most common variant affecting phones at the moment is a virus called ScarePakage. The malware masquerades as an ordinary app update, like Adobe Flash, in order to gain access to the device. The virus then presents a fake, but legitimate looking, message from the FBI infoming the user that they are being investigated for a crime and that their device has been blocked accordingly, reported the New York Times. It is impossible to navigate away from the message and rebooting the phone does not resolve the issue. The only way to remove the virus is by paying $500 after which it will remove itself from the device. Lookout referred to the virus as “highly concerning.”

So far, these viruses have mainly targeted users in the US and Europe, but there is no reason why it could not affect local devices. ScarePakage is just one of a multitude of viruses that are constantly evolving new functionality and ways to avoid detection until it is too late.

Read: Computer "reads" human thoughts

What can you do? If you’ve already been infected with ransomware, it’s probably too late, the only thing that may help is to immediately disconnect your device from any internet connection, either by pulling out the ethernet cable or switching off the computer's wireless connection. You can pay the fee but there’s no guarantee this will actually remove the virus. In the case of Ransomware, prevention isn’t just better than cure, it’s the only option.

For Android users, the best strategy is to only download apps from the Google Play store and not from other, unverified sources. Avoiding the virus on a computer is more difficult as there are a number of methods through which infection can occur. As a rule, users should be highly critical of anything they download to their computers, and always ensure that seemingly legitimate updates, like flash player, are originating from sites with a security certificate, identified by a lock symbol in the left of the browser’s URL field.

Read more:
Computer replaces therapy couch
Beware this new SMS job scam

We live in a world where facts and fiction get blurred
In times of uncertainty you need journalism you can trust. For only R75 per month, you have access to a world of in-depth analyses, investigative journalism, top opinions and a range of features. Journalism strengthens democracy. Invest in the future today.
Subscribe to News24
Voting Booth
Have you entered our Health of the Nation survey?
Please select an option Oops! Something went wrong, please try again later.
30% - 9643 votes
70% - 22633 votes