I want to make everyone aware of another new Russian ransomware strain called “Fessleak”. It is a new version that loads its code into system memory rather than onto the hard drive, meaning that antivirus does not pick it up. Very scary.
This new threat is hidden in malicious ads on popular websites. The hackers display these ads through legit ad networks. End users visit a major site like Huffington Post, CBS Sports, or Match.com and check out an ad by clicking on it. Clicking that one link is enough to be confronted with a full-screen message announcing that all assets on the computer or, worse, the company network have been encrypted. They are effectively looking for a Bitcoin ransom.
In order to prepare for this and other malicious attacks, we recommend the following…
- Offsite backups are key, including historical ones in case the current one is compromised. We recommend true business continuity so that if an attack occurs you can be back up quickly.
- Patch the operating system and third-party apps as soon as possible.
- Invest in a new security device with UTM (Unified Threat Manager; most business-class firewalls come with it standard) and/or a good proxy to block ads centrally rather than machine by machine. If you are off the network (at home), you should use an AdBlocker plugin for each browser.
- Pay for a VTA (Vulnerability Threat Assessment) so a certified security company can assess your current environment for weaknesses and holes and recommend immediate solutions to protect you and your business.
- And most important: awareness! Educate your employees on what to look for, what to avoid, and how to practice safe computer behavior.
Be careful out there!