How Does Ransom32 Work?
The malware is delivered in a malicious file attached to emails masquerading as delivery notifications and unpaid invoices. Once installed and launched, Ransom32 connects to a command-and-control (C&C) server on the TOR network. It then displays a ransom note, as shown below, along with the Bitcoin address where victims are supposed to pay to recover their files.
Currently, Wosar has only seen Ransom32 as a Windows attack vector; however, the NW.js framework can run on all three major operating systems.
How to Protect Yourself from Ransomware Threat?
Here are some ways to protect yourself from Ransom32:
- Always keep regular backups of your important data.
- Make sure you run an active anti-virus security suite of tools on your system.
- Do not open email attachments from unknown sources.
- Most importantly, always browse the Internet safel