I rediscovered gaming a few years ago and am now totally immersed in the worlds of Witcher 3, GTA V, and, among the latest PC games, Resident Evil 7. These games are gripping, but they also have a few things in common:
I’ve been in the business of defeating malware for more than 25 years. Having started as a part-time developer at Avast, which was called ALWIL at the time, I found myself hooked by the cat-and-mouse game of white hat against black hat, and I still am today, as Avast’s Chief Technology Officer.
Avast is now detecting mobile ransomware, which we will refer to as “WannaLocker” from now on. The ransomware is targeting Chinese Android users. WannaLocker’s ransom message screen may look familiar to you and that’s because it looks just like the WannaCry ransomware screen, the ransomware that spread like wildfire around the world mid-May. Another interesting aspect is that WannaLocker encrypts files on the infected device’s external storage, something we haven’t seen since Simplocker in 2014.
WannaCry (AKA WanaCrypt0r, WCry, Wannageddon or another day of cyberinfamy), which marries ransomware with worm-type spread targeted at Microsoft Windows operating systems, is the “the worst ransomware outbreak in history.” But according to Jakub Křoustek, a lead on Avast’s Threat Intelligence team, it could easily have been avoided through proper patch management. The attack, which began on May 12, has cost victims as much as $4 billion.
While the WannaCry ransomware outbreak wreaked havoc on computers around the globe, Avast’s Threat Intelligence team worked around the clock to protect our users. In fact, our team had been tracking an early version of WannaCry since February, well before the first widely detected strain that debuted on Friday, May 12, at which point we detected more than 10,000 infections per hour as it began to spread worldwide.
While the WannaCry ransomware outbreak wreaked havoc on computers around the globe, Avast’s Threat Intelligence team worked around the clock to protect our users. In fact, our team had been tracking an early version of WannaCry since February, well before the first widely detected strain that debuted on Friday, May 12, at which point we detected more than 10,000 infections per hour as it began to spread worldwide.
XData ransomware was discovered mid-May and now, two weeks later, we have released a free decryption tool for victims hit by XData ransomware that they can use to decrypt their data.
Special thanks to Ladislav Zezula for working on this blog post and the decryptor tool!
Special thanks to Ladislav Zezula for working on this blog post and the decryptor tool!
Everyone loves a new computer. Why? Because when you turn it on and launch apps and programs, it responds quickly. However, as you start to download more apps and install games and create documents, you’ll probably find it taking longer and longer to start Windows.