In recent weeks there have been some peculiar new strains of ransomware spotted. Take the Popcorn Time ransomware, for instance, which lets you decrypt your files "the nasty way" by helping the blackmailers spread their attack further. If you can infect two other victims (and get them to pay up) Popcorn Time's developers will allegedly send you your decryption key for free. Now there's a new novel twist on ransomware. As Bleeping Computer reports, the Koolova ransomware displays a surprising message on infected systems:
Hello. I'm nice Jigsaw or more commonly known as Jigsaws twin. Unfortunately all of your personal files (pictures, documents, etc...) have been encrypted by an evil computer virus known as Ransomeware'. Now now, not to worry I'm going to let you restore them but only if you agree to stop downloading unsafe applications off the internet. If you continue to do so may end up with a virus way worse than me! You might even end up meeting my infamous brother Jigsaw :( While you're at it, you can also read the small article below by Google's security team on how to stay safe online. Oh year I almost forgot! In order for me to decrypt your files you must read the two articles below.
The so-called twin of Jigsaw, includes links to an article on the Google blog about how to browse the internet more safely, and one of Bleeping Computer's articles about the original not-so-nice incarnation of Jigsaw. As if you needed any further incentive, Koolova goes on to tell you that you shouldn't rest on your laurels. A countdown is slowly ticking down - and when it reaches zero, it claims your encrypted files will be deleted. As Bleeping Computer reports, clicking on the links to the security-related articles prompts a button to appear in Koolova's front end, inviting you to request your decryption key from its Command & Control server.
So, the obvious question is this... are you likely to encounter this peculiar "nice" ransomware? It seems unlikely - after all, what possible incentive could a real criminal have for distributing it? Nonetheless, it wouldn't do you any harm to clue yourself up about computer security, ensure you have appropriate defences in place and make sure that you are making regular secure backups of your data. After all, if you ever do get hit by ransomware, you can't feel confident that the hackers who have encrypted your files will be quite so nice. Editor’s Note: The opinions expressed in this guest author article are solely those of the contributor, and do not necessarily reflect those of Tripwire, Inc