Anatova Ransomware Posing as Games and Software



The release of new ransomware is nothing new, and every strain poses a threat to users and their computer systems. A recently released strain, however, seems to be targeting those who download games and software.

Anatova Ransomware


Anatova is a new strain that emerged on 1st January. The code behind it is thought to have been created by experienced developers.

Not only can it adapt quickly, it also uses strong encryption. Anatova uses a pair of RSA keys to lock users out. RSA keys are also used successfully by other ransomware such as GandCrab.

Serious Threat


Security researchers at McAfee have warned that it has the potential to become a serious threat. Christiaan Beek, lead scientist and principal engineer at McAfee, said its functionality makes typical methods of overcoming ransomware ineffective.

Beek also warned that its modular architecture means new functionality can be easily added.

Easily Spread


Anatova uses peer-to-peer networking and masquerades as free downloads of games and software. This tempts unsuspecting users to download it to their computers.

The ransomware then creates a pair of RSA keys using the crypto API. These random keys are used to encrypt the target system and deploy the ransomware.

Once the user's computer is infected, Anatova sends a ransom note. This demand is for payment in cryptocurrency of 10 Dash (around $700). It also provides a cryptocurrency wallet to make the payment and then directs the user to email the hackers to release the computer.

Origins


The people behind Anatova are not known, but it terminates itself if downloaded by anyone in the Commonwealth of Independent States. These states include Russia and other former Soviet Union countries.

The ransomware has also been refusing to infect systems in Syria, Egypt and Iraq.

Alexandre Mundo, senior malware analyst at McAfee, notes that it is normal for originating countries to be excluded from infection. However, it is surprising to see additional countries also being immune.


Posted from my blog with SteemPress : https://latesthackingnews.com/2019/01/25/anatova-ransomware-posing-as-games-and-software/


Hi! I am a robot. I just upvoted you! I found similar content that readers might be interested in:
https://www.zdnet.com/article/new-ransomware-poses-as-games-and-software-to-trick-you-into-downloading-it/