ALPHV BlackCat, the most sophisticated ransomware
The ALPHV BlackCat ransomware appeared a month ago and is already considered the most sophisticated of this year. It has a series of distinguishing characteristics compared to other similar threats, which give it a greater capacity to attack very different environments.
It is written in Rust, a language not commonly found in malware. It is also an example of Ransomware-as-a-Service, or RaaS. Hackers basically create a threat and market it on the Internet so that others can buy it and infect third parties for financial gain. In this way the developers earn money, and so do those who “invest” in this ransomware to infect others.
But what makes ALPHV BlackCat ransomware so sophisticated? It has many advanced features. For example, it can use different encryption routines, delete virtual machines, and delete backups to prevent recovery.
In addition, it includes a JSON configuration that allows the attacker to customize the extensions, the ransom notes, the way files and folders will be encrypted, and which services and processes will be terminated automatically. This can give attackers a broader range of options for success.
Other actions this ransomware can perform include emptying the Windows Recycle Bin and searching for other devices on the network. It also has a unique Tor site for each victim, so the negotiations are independent for the affiliates of the ransomware.
On the other hand, the ALPHV BlackCat ransomware can encrypt Windows disks mounted on Linux, or vice versa. This is another feature that makes the threat sophisticated, and it can be a real problem for Internet users.
How to protect yourself from ransomware
So what can we do to protect ourselves from ALPHV BlackCat? The truth is that the security measures we must adopt are the same as those for keeping out any other variety of ransomware, or malware in general.
First and foremost is common sense. We must avoid making mistakes that could let threats in, for example downloading dangerous attachments that arrive by email or installing software from unofficial sources.
We must also have a good antivirus at all times. Some interesting options are Windows Defender, Avast or Bitdefender, but there are many alternatives that can maintain good security on our computer and prevent the entry of malicious software.
On the other hand, it is essential to have the latest versions installed. This way we fix possible vulnerabilities that could be exploited to encrypt files and cause our equipment to malfunction.