Beware: Karma ransomware cloaks itself as helpful utility program
A new ransomware agent has been discovered by a security researcher posing as a utility program. The ransomware disguises itself as a helpful program called Windows TuneUp. Users are drawn and persuaded to download the program under the guise of a tool that will help boost their PC’s performance.
Upon installation, though, the ransomware known as Karma will take effect, scanning the user’s computer to determine whether or not the PC it landed on is a virtual machine or not. If it is, Karma will cease operations. However, if it’s not a virtual machine, Karma will proceed to infect the PC and all the files it contains.
The ransomware manages to do this by connecting to the computer’s command and control server. If it is successful, user security will be completely compromised as Karma will scan every nook and cranny to retrieve encryption keys, followed by a series of its own encryptions. It will contaminate and encrypt files by the hundreds, and the respective files will be marked with a .karma extension.
It has also been discovered that Karma uses an ad system where advertisers can pay those behind Karma for every installation Karma pulls, as the ransomware comes with a series of free software “gifted” to users.
The saving grace is the fact that Karma doesn’t have a command and control server to connect to anymore. This means that while users might have gotten off easy with Karma, the threat is as real as ever and users should be extra cautious when downloading anything from the internet, especially when the offer seems too good to pass because that’s when most of the times, they probably should.
RELATED STORIES TO CHECK OUT:
- Clean the Windows 8, 10 Store and Windows 8.1, 10 Apps with AVG PC TuneUp
- DXXD ransomware developers make the malware impossible to decrypt
- Zepto ransomware is back, Windows Defender can’t block it
What Android emulator is the best for my Windows PC? Bluestacks MeMu Nox Remix OS Player Droid4X AMIDuOS Windroy Genymotion Xamarin Android Player Andy We’re […]
Recently, a security researcher @SandboxEscaper disclosed in a tweet which has been deleted (the account also has been removed), that the task scheduler is vulnerable […]
Microsoft may be developing a new wireless charging system called “Ultrafast’” for its devices, if a newly discovered patent gets approved for mass production. This […]