From: RegTech Analyst
Snake is the latest in a long string of ransomware programs financial services firms must be on the lookout for.
The new virus was originally discovered by MalwareHunterTeam, the site that helps businesses and private individuals identify the ransomware that may have crippled their computers.
MalwareHunterTeam then shared their findings with Vitali Kremez, head of SentinelLabs at SentinelOne, the Mountain View-based antivirus platform provider, to analyse and reverse engineer the virus, BleepingComputer reported.
“The ransomware contains a level of routine obfuscation not previously and typically seen coupled with the targeted approach,” Kremez told the publication.
This is how Snake works: once the ransomware has infected a device, it removes the computer’s shadow volume copies, which are backup copies or snapshots of the files on the computer.
Once the backup abilities have been disabled, Snake terminates processes related to SCADA systems, virtual machines, industrial control systems, remote management tools, network management software and more.
It then moves on to encrypt files on the computer before creating a ransom note, telling the computer owner to cough up or risk not getting their files back.
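Defenders can watch for the first two steps of this sequence on a single host. The detection logic below is an added example, not part of the original article: the log format, host names, process names, time window and threshold are constructed assumptions, and the command patterns are common Windows shadow-copy deletion commands, since the article does not say which commands Snake runs.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Assumption: common Windows command lines that delete shadow copies.
SHADOW_DELETE = re.compile(
    r"vssadmin(\.exe)?\s+delete\s+shadows|wmic(\.exe)?\s+shadowcopy\s+delete",
    re.IGNORECASE,
)
WINDOW = timedelta(minutes=5)  # assumed correlation window
KILL_THRESHOLD = 3             # assumed number of terminations that triggers an alert

# Constructed events (timestamp|host|event|detail), in chronological order per host.
SAMPLE_LOG = """\
2020-01-08T09:00:00|fin-ws02|proc_create|vssadmin.exe delete shadows /for=C: /oldest
2020-01-08T09:01:00|fin-ws02|proc_terminate|notepad.exe
2020-01-08T10:00:00|fin-ws01|proc_create|vssadmin.exe Delete Shadows /All /Quiet
2020-01-08T10:00:20|fin-ws01|proc_terminate|scada_hmi.exe
2020-01-08T10:00:25|fin-ws01|proc_terminate|vm_guest_tools.exe
2020-01-08T10:00:31|fin-ws01|proc_terminate|remote_mgmt_agent.exe
2020-01-08T11:00:00|fin-ws03|proc_terminate|scada_hmi.exe
2020-01-08T11:00:02|fin-ws03|proc_terminate|vm_guest_tools.exe
2020-01-08T11:00:04|fin-ws03|proc_terminate|remote_mgmt_agent.exe
"""

def detect(log_text):
    """Map host -> processes terminated within WINDOW of a shadow-copy deletion,
    for hosts where at least KILL_THRESHOLD terminations followed the deletion."""
    deleted_at = {}             # host -> time of most recent shadow-copy deletion
    kills = defaultdict(list)   # host -> terminations seen since that deletion
    alerts = {}
    for line in filter(str.strip, log_text.splitlines()):
        ts_raw, host, event, detail = line.split("|", 3)
        ts = datetime.fromisoformat(ts_raw)
        if event == "proc_create" and SHADOW_DELETE.search(detail):
            deleted_at[host] = ts
            kills[host] = []
        elif event == "proc_terminate" and host in deleted_at:
            if timedelta(0) <= ts - deleted_at[host] <= WINDOW:
                kills[host].append(detail)
                if len(kills[host]) >= KILL_THRESHOLD:
                    alerts[host] = kills[host]
    return alerts

if __name__ == "__main__":
    for host, procs in detect(SAMPLE_LOG).items():
        print(f"ALERT {host}: shadow copies deleted, then terminated {procs}")
```

Correlating the two events keeps a routine snapshot cleanup (fin-ws02) or an unrelated burst of process exits (fin-ws03) from alerting on its own.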
There is no shortage of ransomware strains, with GandCrab, Emotet, CrySis and Sodinokibi being deemed four of the worst ones out there.
Criminals are happy to use them. For instance, Sodinokibi, also referred to as REvil, was used in the hack attack discovered on New Year’s Eve 2019 that crippled foreign exchange company Travelex’s services.
In the UK alone, ransomware attacks grew by 118% in the first quarter of 2019.
Copyright © 2020 FinTech Global