'Diavol' Ransomware Virus Hacks PC Via Email, And Blackmails You To Pay Money

The Indian government has issued an alert for a harmful virus spreading through email that is locking down people¡¯s computers in exchange for a ransom.

CERT-In

Also Read: CERT-In Warns Of Multiple Vulnerabilities In WhatsApp, WhatsApp Business For iOS

To the unaware, such an attack is often referred to as ¡®ransomware¡¯. It is essentially malware that takes control of a computer and locks down all of its files and data and blackmails the victims to transfer a particular amount to the ransomers, sometimes in a specific time frame. Failing to do so could result in the deletion of crucial data.

The Indian Computer Emergency Response Team (CERT-In) has notified new ransomware, dubbed Diavol Virus, has been affecting several computers across the nation.

How it attacks

According to CERT-In, the ransomware is compiled with Microsoft Visual C/C++ Compiler. The ransomware encrypts files of users by making use of user-mode Asynchronous Procedure Calls (APCs) with an asymmetric encryption algorithm.

The ransomware is being shared via email and also has a OneDrive link with it, where it asks the user to download the ZIP file that consists of an ISO file that consists of another LNK file and a DLL. When opened, it mounts on to a system and the LNK file, which looks like a document file, tempts the user to open it. After it¡¯s opened, the damage is done and the system begins to get infected and multiply.

Also Read: Indian Govt's Cyber Watchdog Says Update Your Google Chrome Browser Immediately

The virus starts by pre-processing on the victim¡¯s computer, registering it with a remote server, locating drives and files to encrypt, while also preventing deletion of shadow copies. Files are then locked up and it changes the desktop wallpaper demanding ransom.

Unsplash

How to stay safe?

To avoid coming in contact with Diavol Virus, CERT-In recommends keeping their antivirus software -- either Windows defender or other third party software -- up to date to prevent Diavol from entering the system.

Alternatively, don¡¯t download stuff from unknown sender¡¯s drive or their attachments, to prevent the infected file from getting active.

Also Read: UP Govt's COVID-19 Tracker Bug Exposed Over 80 Lakh People's Private Data

CERT-In adds, ¡°Restrict users¡¯ permissions to install and run software applications, and apply the principle of ¡°least privilege¡± to all systems and services. Restricting these privileges may prevent malware from running or limit its capability to spread through a network. Configure firewalls to block access to known malicious IP addresses. Users are advised to disable their RDP if not in use, if required it should be placed behind the firewall and users are to bind with proper policies while using the RDP.¡±

For more latest science and technology news, keep reading Indiatimes.com.