Kaspersky: guard against the new "Onion" ransomware

Encryption ransomware is a type of malware that encrypts user data and decrypts the ransom with this ransomware, which can cause huge loss of money or loss of important sensitive data. According to data, cryptolocker intruded at least 100 computers within the first 0.2 million days of its rise, and its fraud revenue is estimated to be as high as $0.38 million or more. However, compared with previous cryptolocker and gpcode, Kaspersky's recently discovered new "Onion" ransomware has never been inferior.

It is called the "Onion" ransomware because it uses the TOR anonymous Network (onion routing) to hide its vicious nature. It is understood that, as a new type of encryption ransomware, it uses the countdown method to intimidate victims to pay Bitcoin as decryption ransom. Cyber Criminals claim that, if a ransom is not paid within 72 hours, all encrypted files will no longer exist.

Why did onion malware go beyond the previous ransomware and become a very dangerous threat? Fedor sinitsyn, Senior malware analyst at Kaspersky Lab, said: "Currently, tor communication methods seem to have been confirmed and used by other types of malware. In the previous cases, the technical improvement of onion malware was manifested in the TOR function used by malicious activities. Hiding the command and control server in the TOR network makes searching for cyber criminals very complicated. Because onion malware uses informal encryption techniques, files cannot be decrypted even when traffic is intercepted between Trojans and servers. These factors make it a very dangerous threat and one of the most complex encryption software currently ."

How can Internet users Ensure the security of key data and avoid such threats as the emergence and evolution of network threats? Experts from Kaspersky Lab suggest that you copy important data regularly. When copying data, you should note that the copy is only available on mobile devices in this process. Otherwise, the ransomware will intrude into and encrypt and copy files in the same way as the original files are infected. In addition, netizens and friends should also use anti-virus software to ensure the security of personal identities and sensitive data. It is understood that the latest version of Kaspersky security software has deployed a dedicated technology to deal with such encryption ransomware. Kaspersky Lab's award-winning security technology comprehensively defends against all types of network threats while ensuring the security of online financial transactions such as online banking and online shopping in real time, perfectly balancing security and computer performance.