This is not our first time facing ransomware, and Cyber Police in particular. We have been dealing with this exploit for a while. Why so long? Because it is unique. It is evolving. The way it works today is very different from a year ago. Now it can be used to affect millions of Android devices. It can secretly get into your device, lock it, and make it unusable, all without you knowing.
Blue Coat Labs discovered Cyber Police. It was not long before Zimperium Labs confirmed the report. FYI, this is the same lab that discovered the Stagefright hack.
What is ransomware?
Ransomware is a malicious script. It can lock any computer or device belonging to the user. Once it is locked, you cannot use it unless you pay the "ransom".
This is the tricky part.
If you are attacked by ransomware, your data is generally safe. But paying the ransom does not guarantee anything, including your data. The attacker may still hold your data, even after getting the payment.
Cyber Police Attack
The attack begins with the name. Once activated, the ransomware is deployed as an application called Cyber Police. A message similar to the following image will appear on your screen. This malicious application will try to convince you that your security has been compromised. How? By saying that at some point in the past, you accessed illegal websites. These sites are harmful and your system has been affected.
This message claims to be sent by some kind of security agency. And that is why people fall for it. People believe just about anything without checking. The sender, "American National Security Agency", does not even exist.
Should you receive this message, let me tell you this. Everything about it is fake: what it says about this agency, about the current security of your system, about how to solve the problem, even about itself. Do not believe any of it, especially the ransom demand. Paying the ransom will not solve anything. It has nothing to do with any lawsuit, and it will not restore your device.
In the following example, the attacker asked for two Apple iTunes gift cards. Sounds simple? Well, you're wrong. This attack has never been linked to any legal threat. Therefore, the payment will not fix anything.
This is not the only scary part. Cyber Police is viral. All it takes to infect a system is an advertisement. There is no need to click on it. Once you see it, you are in serious trouble. In addition, there is no way for us to recognize the malicious ad.
Andrew Brandt, Blue Coat Labs director of threat research, said: "This is the first time, to my knowledge, an exploit kit was able to successfully install malicious applications on a mobile device without any user interaction on the part of the victim."
What he says makes sense. An exploit is basically an application. Usually, an application needs the user's permission to enter or change the system. But in this case it does not.
So what really happened deep down? An expert from Zimperium Labs, Joshua Drake, tried to answer. He analyzed the sample and found the answer. This malicious application uses a rooting tool. The tool is known as Towelroot, and it can take control of any device. It also has another "gift": it uses the same exploit that Hacking Team uses. You should fear it. This hacker team sells data on literally everybody. And it is not just any data. It is surveillance data.
Is your device safe?
This ransomware only attacks Android devices. If you are using iOS, Blackberry, Windows Phone, or another operating system, this is your first piece of good news.
And here is the next. If your device is less than a year old, you're probably safe. This ransomware can attack Android ICS through KitKat. If your device is still running one of these operating system versions, please update immediately. As of now, there are still 500 million devices running this OS. Surely you do not want to be one of them, do you?
How to protect yourself
What if you were hit? Is there something you can do to, say, minimize the damage?
First, if you are hit, there is not much to do. The attack will lock your data. You lose. Remember, paying the ransom does not guarantee that you will get your data back. That's why I told you that there is not much you can do. The only options left will not even satisfy you.
Here are my recommendations. If you are hit by this ransomware, you definitely need a new device. Maybe that is not the best option, especially if you have just bought the latest device. But it is your best option for now. Why? Because your device will most likely not get an update or patch from Google. So, that means a new device.
I know how it sounds, but this is no time for regret. In the future, try to avoid malicious websites. These sites are most probably loaded with all kinds of malicious applications: ransomware, Trojan horses, and so on. The good news is that the most popular websites have their own security systems to counter these threats: Google, Yahoo, CNN, Facebook, Amazon, and many others.
Also, do you have a secure browser? A browser like Google's can secure your browsing. It will inform you of any suspected malicious activity. Say goodbye to ransomware.
This is my last tip. Always remember to back up your data. Your videos, music, documents, images. All important data. This ransomware cannot attack everything. But who knows what it will attack? Perhaps your most important data. Once they get it, I doubt they will give it back. That is how serious a ransomware attack is.
How to Remove Cyber Police Ransomware
There is still a debate on this issue. Some experts believe that there is nothing to do after a ransomware attack. But let us remember this: where there is a will, there is a way. There is always hope.
First things first, do not pay. Your money is the real target of ransomware, not your data. Therefore, there is no guarantee that you will recover your data, not even after you have paid the ransom.
Second, a factory reset might help. A Blue Coat Labs researcher demonstrated this. He successfully removed the ransomware from a Samsung tablet using only the reset. This is good news. You can unlock your device. But you know where this is going. The reset will erase all data on your device. It is a pain, but worth it if you want your device back.
(Again, the backup. It will solve your problem. You may lose some of your data, but not all of it. If you have not backed up your data, try connecting your device to a laptop or PC. Sometimes you can still read the device's memory and copy the data off. Do this before the factory reset.)
The Cyber Police ransomware will lock your device. This means you cannot go to Settings, so you cannot factory reset your device from there. However, as I said, there is always hope. If you cannot factory reset your device from there, you have another way to do it. (PS: Not every device is the same. We tried this on a Samsung device.)
- Turn off your device.
- Press and hold the Volume Up, Home and Power buttons. Wait until the Samsung logo appears.
- Once the logo has appeared, release ONLY the Power button.
- You will enter the Android system recovery screen.
- Use the Volume Up / Down buttons to select Wipe Data / Factory Reset.
- A reset confirmation will appear. Use the Volume Up / Down buttons to select "Yes."
- Press the Power button to confirm.
Some Android users have reported that these steps do not work. Somehow, the ransomware prevented them from doing so. Other users have reported a problem while backing up their data. They tried to copy it from the Android device to a PC, but apparently could not access the data. In either of these cases, restart your Android device into Safe Mode.
Here are the full steps:
- Keep your device ON.
- Press and hold the Power button for a few seconds. Release the button once you see the power-off prompt.
- Find the Power Off option. Press and hold it for a few seconds. Release once you see "Restart in Safe Mode."
- Select Yes.
- Open Quick Settings.
- Open Applications.
- Select Applications Manager.
- Go to the Downloaded tab.
- Find anything you don't recognize. Then delete it. The ransomware should be one of them.
- When done, turn off your device.
- Reboot your device to its normal state.
Hopefully, these steps will help you remove the ransomware and unlock your device. Try a few times if they do not.
If neither set of steps works, perhaps it is a sign that you need a new device.
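An added example, not part of the original article: the "find anything you don't recognize" step from the Safe Mode procedure, done from a PC by parsing the output of `adb shell pm list packages -3 -i` (third-party packages with their installer) and flagging apps that did not come from a trusted store. It assumes USB debugging was already enabled on the device; the sample output, the package names and the trusted-installer list are constructed for illustration.

```python
import re

# Constructed sample of `adb shell pm list packages -3 -i` output.
# All package names below are invented for this example.
SAMPLE_OUTPUT = """\
package:com.example.chat  installer=com.android.vending
package:com.example.videoplayer.update  installer=null
package:com.example.notes  installer=com.android.vending
package:org.example.flashlight  installer=com.example.otherstore
"""

# Assumption: Google Play is the only trusted install source on this device.
TRUSTED_INSTALLERS = {"com.android.vending"}

LINE_RE = re.compile(r"^package:(?P<pkg>\S+)\s+installer=(?P<installer>\S+)$")


def parse_packages(output):
    """Return (package, installer) tuples; installer is None when unset."""
    packages = []
    for raw in output.splitlines():
        line = raw.strip()
        if not line:
            continue
        match = LINE_RE.match(line)
        if match is None:
            # Fail loudly rather than silently skipping an entry.
            raise ValueError(f"unexpected line: {line!r}")
        installer = match.group("installer")
        packages.append(
            (match.group("pkg"), None if installer == "null" else installer)
        )
    return packages


def review_candidates(output, user_recognized=frozenset()):
    """Packages not installed by a trusted store and not confirmed by the user."""
    return [
        pkg
        for pkg, installer in parse_packages(output)
        if installer not in TRUSTED_INSTALLERS and pkg not in user_recognized
    ]


if __name__ == "__main__":
    for pkg in review_candidates(SAMPLE_OUTPUT):
        print(f"review before uninstalling: {pkg}")
```

A flagged package is only a candidate for review: sideloaded apps the owner installed on purpose can be passed in `user_recognized` to drop them from the list.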