Security researcher opens up on ransomware and its popularity
In recent days, ransomware has become the most dreaded word in the Internet world. That is not because of WannaCry alone but also because of the havoc created by other ransomware, including Jaff, Spora, etc., which went unnoticed.
Many believe that Microsoft alone was vulnerable to ransomware attacks. But in this cyber world, nothing is safe. Security flaws in new inventions and discoveries have left loopholes that attackers use to control the files and actions of computers. These loopholes, commonly called vulnerabilities, often get patched by the manufacturer only after a ransomware or malware attack.
Here, the problem lies not with manufacturers alone but with users, too, who overlook patches and avoid upgrading. Last week, XData, a new variant of ransomware, was spotted in cyberspace under the Twitter handle MalwareHunter.
Security researchers are analysing the malware to find the root cause of infection. As per reports, XData has been spreading rapidly across Ukraine, Russia and Germany. Like other ransomware, XData uses AES encryption to lock files. As soon as it locks a file, it changes the extension to ~xdata~. The process behind its distribution is still unknown.
To get an in-depth view of ransomware, Dailytuner put some questions to a security researcher, the person behind the Twitter handle @PolarToffee, a malware researcher from overseas.
Excerpts from his interview:
Q: How does XData infect a system?
A: Currently, we don’t know. In general, most ransomware does the same kind of things, such as deleting shadow copies, encrypting files. XData seems to be no different.
Q: Is it a new variant in the ransomware category?
A: Well, it is a new variant, as in we haven’t seen this specific ransomware before.
Q: What is the reason behind the large number of ransomware attacks?
A: Such attacks have been happening for a few years now. It sucks, but hopefully, it encourages people to be more secure. You can limit the damage that ransomware can cause by doing Windows updates, installing a decent AV and making reliable multiple backups.
Q: Most people tend to avoid updates. What is your opinion on this?
A: I would link them to what happened with WannaCry. By not installing updates, they risk people
possibly getting access to their system.