2017 was “The Year of Ransomware.” It saw an incredible number of ransomware attacks and infections, paired with a tremendous number of innovations.
Although 2018 hasn’t seen quite the same level of ransomware activity, it’s still a major threat with one company coming under attack about every ten minutes.
Although there haven’t been as many innovations so far this year, that doesn’t mean they’re not occurring, and some of the new ransomware strains are particularly nasty.
Of interest, this year has seen a rise in ‘Cryptojacking’, which is a variant of a classic ransomware attack where the malware mass encrypts files on the victim’s machine while simultaneously installing cryptocurrency mining software.
This should come as no surprise given the rise in popularity of cryptocurrency, but it does add a disturbing new wrinkle to ransomware attacks. Even after you get your files back, lurking in the background there is a rogue process that’s slowing your system and ultimately putting money into the bank accounts of the hackers.
Most recently, an Obama-themed cryptojacker has been making the rounds.
The ransomware itself is nothing out of the ordinary. It predictably locks your files, demands payment, and installs a Monero miner in the background.
Obama is not the first world leader to unwittingly become the face of ransomware. In 2016, Candidate Trump was featured in a malware strain that proved to be a work in progress. It would infect machines, but didn’t actually encrypt files. It’s unclear if a working version was ever deployed in the wild.
The Obama strain contains code fragments that indicate Chinese origin. There’s circumstantial evidence that leads some security researchers to believe it may be the work of a Chinese hacker known only as “Rocke,” but so far, there’s no definitive proof.
As things stand now, there’s no good defense against this most recent threat, save for continued vigilance.