Categories: Tech

Govt issues red alert as ransomware hits computers via email

<p>
The Central government has issued a ‘Virus Alert’ via The Indian Computer Emergency Response Team (CERT-In) as a new type of ransomware has been found spreading through email.</p>
<p>
The ransomware is targeting Windows computers and once the payload is delivered it locks the PC remotely and asks for money from the user to open it again.</p>
<p>
CERT-In in its latest advisory warned about the ransomware called Diavol. According to the advisory, the ransomware is compiled with Microsoft Visual C/C++ Compiler. “It is encrypting files using user-mode Asynchronous Procedure Calls (APCs) with an asymmetric encryption algorithm,” it said.</p>
<p>
According to CERT-In, the Diavol malware has been spreading via email, which includes a link to OneDrive. The OneDrive link directs the user to download a zipped file which includes an ISO file containing a LNK file and a DLL. Once opened on the users system, the LNK file masqueraded as a Document entices the user to click/open it. Once the user executes the LNK file, the malware infection will be initiated.</p>
<p>
<strong>Diavol damage</strong></p>
<p>
After the Diavol malware infects a PC, it carries out pre-processing on the victim system including registering the victim device with a remote server, terminating running processes, finding local drives and files in the system to encrypt, and preventing recovery by deleting shadow copies. Then, the files are locked and desktop wallpaper is changed with a ransom message.</p>
<p>
When executing on a compromised machine, the ransomware extracts the code from the images’ PE resource section and loads it within a buffer with execution permissions, according to CERT-In</p>
<p>
<strong>How to stay safe from Diavol</strong></p>
<p>
In order to stay safe from this ransomware it is crucial that users update software and operating systems with the latest patches. Scan all incoming and outgoing emails to detect threats and filter executable files from reaching end users.</p>
<p>
Other methods include, network segmentation and segregation into security zones – help protect sensitive information and critical services. Separate administrative network from business processes with physical controls and Virtual Local Area Networks.</p>

IN Bureau

Recent Posts

Baloch Yakjehti Committee releases documentary to honour Karima Baloch’s legacy

On the 4th death anniversary of human rights activist Karima Baloch, the Baloch Yakjehti Committee…

2 hours ago

EAM Jaishankar to visit US from December 24-29

External Affairs Minister S Jaishankar will visit the US from December 24-29 to discuss key…

3 hours ago

Balochistan: Medical students protest campus closure, security crackdown

Students at the Bolan Medical College (BMC) in Balochistan's Quetta entered the 27th day of…

4 hours ago

Climate change, health risks escalate amid surge in PoGB deforestation

The intensifying cutting of trees for firewood in Pakistan-occupied Gilgit-Baltistan (PoGB) is not only worsening…

5 hours ago

India’s retired judges, bureaucrats call for “immediate end” to attacks on minorities in open letter to Bangladesh

A group of retired judges, bureaucrats, Army officials and other civil society members have penned…

5 hours ago

Israel, Slovakia sign historic USD 582 million deal to boost Air Defense capabilities

Israel and Slovakia signed a 2 billion shekel (USD 582 million) agreement on Monday to…

6 hours ago