Do you follow the promise of free software?

Hackers have long used the lure of software cracks to infect unsuspecting users, but recently, a new group is making waves and finding significant success in using the Exorcist 2.0 ransomware to lock user's files and extort them. It's a nasty combination. The user thinks he's getting a free unlock for some piece of software (most often, Microsoft's Windows 10), but when he downloads and runs the file, he finds that it is password protected.

Since the user has to manually enter the password to gain access to the supposed unlock file, those protection programs all assume that everything is fine (because the user wouldn't do something dangerous to their own device, would he?). That allows the threat actors to neatly side-stepping Microsoft's SmartScreen, Google's Safe Browsing, or the security protocols included in whatever anti-malware software you're running.

So you've got all your files locked

If you've been lured by the prospect of free software and found yourself with locked files, unless you've made a recent backup, you're at the mercy of the hackers. They currently are extorting a bargain-basement ransom of $250 and as much as $10,000 from users to get their files back.

Of interest though, they're surprisingly professional about it, or as professional as hackers can be expected to be, at any rate. You'll be able to live chat with a hacker "customer service representative" who will helpfully walk you through the ransom paying process, and in a demonstration of 'good faith,' they'll even decrypt one file for you, for free so you can see that they do indeed have the capability of restoring all of them.

Our perspective

This is obviously bad news, but in this case, the fix is a simple one: Don't use cracked software. Spend the money to buy a legitimate copy. Sure, if you use a crack, it might work. Or, you might wind up with all your files encrypted and in a real bind. It's just not worth the modest savings involved.

~ As Ron White would opine: "There is no fixing stupid" ~

 

By Denis Wilson and Melissa Stockwell

Thanks for reading this short post. For more tips on thriving with small business technology, check out the other blog posts at DWPIA Blogs. You can also find me on LinkedIn, Facebook, and Twitter.

Cybersecurity Expert, Small Business Technology Consultant, Managed Services Provider, Managed IT SupportI'm Denis Wilson, President and Principal Consultant for DWP Information Architects. We build people/process/technology solutions to create better business outcomes for smaller enterprises in Los Angeles. We have created cost-effective office productivity and out-sourced service solutions for over 20 years, focusing principally on manufacturing, professional services, and healthcare.  Our hallmarks are cloud and on-premises network reliability, cost-effective cybersecurity, and livable small business regulatory compliance.

I am also a published author and speaker, working extensively with business and professional associations to provide small business technology education programs. Contact me if you would like me to speak at your association