I’ve been in the business of defeating malware for more than 25 years. Having started as a part-time developer at Avast, which was called ALWIL at the time, I found myself hooked by the cat-and-mouse game of white hat against black hat, and I still am today, as Avast’s Chief Technology Officer.
Avast is now detecting mobile ransomware, which we will refer to as “WannaLocker” from now on. The ransomware is targeting Chinese Android users. WannaLocker’s ransom message screen may look familiar to you and that’s because it looks just like the WannaCry ransomware screen, the ransomware that spread like wildfire around the world mid-May. Another interesting aspect is that WannaLocker encrypts files on the infected device’s external storage, something we haven’t seen since Simplocker in 2014.
WannaCry (AKA WanaCrypt0r, WCry, Wannageddon or another day of cyberinfamy), which marries ransomware with worm-type spread targeted at Microsoft Windows operating systems, is the “the worst ransomware outbreak in history.” But according to Jakub Křoustek, a lead on Avast’s Threat Intelligence team, it could easily have been avoided through proper patch management. The attack, which began on May 12, has cost victims as much as $4 billion.
While the WannaCry ransomware outbreak wreaked havoc on computers around the globe, Avast’s Threat Intelligence team worked around the clock to protect our users. In fact, our team had been tracking an early version of WannaCry since February, well before the first widely detected strain that debuted on Friday, May 12, at which point we detected more than 10,000 infections per hour as it began to spread worldwide.
While the WannaCry ransomware outbreak wreaked havoc on computers around the globe, Avast’s Threat Intelligence team worked around the clock to protect our users. In fact, our team had been tracking an early version of WannaCry since February, well before the first widely detected strain that debuted on Friday, May 12, at which point we detected more than 10,000 infections per hour as it began to spread worldwide.
XData ransomware was discovered mid-May and now, two weeks later, we have released a free decryption tool for victims hit by XData ransomware that they can use to decrypt their data.
Special thanks to Ladislav Zezula for working on this blog post and the decryptor tool!
Special thanks to Ladislav Zezula for working on this blog post and the decryptor tool!
Everyone loves a new computer. Why? Because when you turn it on and launch apps and programs, it responds quickly. However, as you start to download more apps and install games and create documents, you’ll probably find it taking longer and longer to start Windows.
While most pundits agree that Trump’s first hundred days in office were underwhelming on the legislative front, he did manage to pass a measure on internet privacy that caused quite a stir in the media. This would be the rollback of privacy regulations that prevent ISPs (internet service providers) from selling user browsing history to third parties. As soon as the measure appeared likely to make it to the president’s desk, article after article was written decrying the development. Sensational headlines spelled out the end of the internet as we know it, a complete surrender of our personal data to big corporations, and social media was aflame with cries of “the end of privacy.”