Protecting Against the Snatch Ransomware Threat
A dangerous malware virus called Snatch is making the rounds. Surprisingly, Snatch reportedly takes advantage of Safe Mode in Microsoft Windows in order to prevent the targeted computers from using antivirus software. Windows Safe Mode is a safety feature which helps users troubleshoot problems by rebooting their PC in a safer environment. Safe Mode allows only the most basic software, drivers or services that come with Windows. It disables all additional programs. However, this process also prevents victims’ computer antivirus software from loading.
What is Snatch?
Snatch, discovered by Michael Gillespie, is a high-risk piece of ransomware. It encrypts data on PCs and extorts users to pay ransom in order to unlock their data. The computer infection creates a ransom message within a text file dubbed “Readme_Restore_Files”. Moreover, it renames encrypted files by adding its extension name, “.snatch.”
The British computer security company Sophos found that Snatch can function even in Safe Mode. Then, it encrypts the victim’s hard drive to force the user to pay the ransom to re-access the drive.
Keeping your Data from Getting Snatched
Sophos offered tips to protect computers against the Snatch ransomware:
First, organizations should not expose the Remote Desktop interface to the unprotected internet. All internet-facing remote access programs or tools could be huge risks if users leave them unwatched and unattended.
Second, organizations should use multi-factor authenticators for administrators to make it more difficult for attackers to breach their accounts.
Third, companies should do a thorough inventory check of all devices and search their network for threats.
- Identity Theft vs. Identity Fraud - July 3, 2020
- Hackers Targeting the COVID-19 Response - June 17, 2020
- Teaching Cybersecurity - June 8, 2020
- Shifting Roles for Cybersecurity Experts in the Wake of Coronavirus - May 27, 2020
- COVIDcast Maps: Academia and the Private and Public Sectors - May 20, 2020
- Hospitals Must Improve Security to Combat Cyber Attacks - May 13, 2020
- Effect of COVID-19 on Cryptocurrency - May 6, 2020
- Singapore Act to License Cryptocurrency Firms in Effect - April 29, 2020
- Ransomware Hits A School District - April 21, 2020
- IT Security Measures - April 16, 2020