D0xWare – take note of the new malware


Once again we’re alerted to a new form of ransomware.
(See yesterday’s NZ Herald article by Juha Saarinen: The malware that outs your life on the Internet).

This time the trust that we place in backups no longer saves us from the consequences of a D0xWare attack.

Where ransomware attacks would previously encrypt your files and demand a ransom for a decryption code to get your files back, we could, if we were targeted, always fall back on our latest backup and so avoid having to pay hackers to get our data back, or at worst pay the ransom and then fully secure our systems in order to prevent another attack.

The D0xWare attack takes a different approach. It assumes that there is something in our documents (emails, Skype and other documents) that we would like to keep confidential. The D0xWare-infected computer sends that information to a server, essentially handing it over to the hackers.

The ransomware threat then is that the information will be made public unless a ransom is paid.

In this case your backup will not save you from embarrassment, and there is no retrospective action that you can take, besides paying the ransom which, given that you are dealing with some unscrupulous people in the first place, is no guarantee of your information being kept secret.

You may think that you have nothing to hide and that releasing the information on your computer system will not harm you. The people on your contact list, social media accounts and clients may take a different view of that. And besides that, the d0xware bot may also get access to your bank account details. Naturally hackers do target those that obviously have things to hide or are in industries where discretion is high on the agenda.

So how can you protect yourself from becoming a target?

  • Have up-to-date antivirus and anti-malware software. These may be two different pieces of software: something like Webroot for antivirus, MalwareBytes to recognise and block unwanted advances, and MailMarshal to check your emails.
  • Always confirm the URL when downloading software and never install software that may contain payloads. How do you know that software contains malicious payloads? The short answer is that you can’t tell, but if you’re installing free software then be prepared to get hacked.
  • Be suspicious of email attachments. This is sometimes difficult to judge, especially if you accept email documents for CVs or the like. Consider opening those on a PC that is not attached to the Internet.
  • Set your file explorer to show file extensions, look at the extension of any file that you open, and be suspicious of any .exe files (there are others). PDFs are safe. Here is a more comprehensive list of file extensions that you should not open: http://kb.winzip.com/help/ZipSecurity.htm
  • Have a healthy suspicion of any free software and of too-good-to-be-true offers via email or websites.
  • Always ask your IT support company if you’re not sure of something.
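
To illustrate the file-extension advice above, here is an added example (not code from the original article): a short Python check that flags attachment names ending in an executable extension, including names such as cv.pdf.exe that display as cv.pdf when extensions are hidden. The extension sets, function names and sample file names are constructed for this example; the WinZip list linked above is longer.

```python
# Added example: why hidden file extensions make executables look like documents.

# Assumption: a short illustrative subset of extensions that run code when opened.
RISKY_EXTENSIONS = {".exe", ".scr", ".com", ".bat", ".cmd", ".js", ".vbs", ".lnk"}
# Extensions a reader expects to belong to a harmless document or picture.
DOCUMENT_EXTENSIONS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".jpg", ".png", ".txt"}


def displayed_name(filename):
    """Name shown by a file explorer that hides the final extension."""
    base, dot, _ = filename.rpartition(".")
    return base if dot else filename


def assess(filename):
    """Return the reasons a file name deserves suspicion (empty list if none)."""
    name = filename.strip()
    # Every dot-separated part after the first is treated as an extension.
    exts = ["." + part.strip() for part in name.lower().split(".")[1:]]
    reasons = []
    if not exts:
        return reasons
    last = exts[-1]
    if last in RISKY_EXTENSIONS:
        reasons.append(f"runs code when opened ({last})")
        # A document-style extension right before it is a disguise.
        if len(exts) >= 2 and exts[-2] in DOCUMENT_EXTENSIONS:
            reasons.append(
                f"appears as '{displayed_name(name)}' when extensions are hidden"
            )
    return reasons


def triage(filenames):
    """Map each suspicious file name to its reasons, keeping input order."""
    return {f: r for f in filenames if (r := assess(f))}


# Constructed sample attachment names, not taken from any real incident.
SAMPLE = [
    "jane_smith_cv.pdf", "jane_smith_cv.pdf.exe", "quarterly.report.v2.xlsx",
    "setup.exe", "holiday_photo.jpg.scr", "README",
]

if __name__ == "__main__":
    for name, reasons in triage(SAMPLE).items():
        print(f"{name}: " + "; ".join(reasons))
```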

Most importantly, if you’re concerned about whether your business is adequately protected, give us an urgent call. We are keen to ensure that your system is fully protected.