Short Bytes: The recently discovered Breaking Bad ransomware remains undetected by the majority of the 57 security products listed on Google’s VirusTotal antivirus aggregator. Know more about how it works.
This ransomware is the 4th one detected by the company in September and it’s targetting users using a new campaign in Scandinavia and it’s continuously spreading.
The Breaking Bad ransomware remains undetected by the majority of the 57 security products listed on Google’s VirusTotal antivirus aggregator. It’s named so because it encrypts user’s most important documents and renames the files with “.breaking_bad” file extension.
This campaign is spreading using spam emails that come with a Microsoft Word document. As soon as you open the document, it executes and download this malicious ransomware on your computer.
After the attack, your files are encrypted and you can recover data after you pay the ransom.
The Breaking Bad ransomware uses the same age-old Microsoft Word macro trick of packaging the download commands. The technique is widely popular as the it allows them to create files that are non-malicious by nature. This same reason could be attributed to the fact that it’s going undetected. It looks like a Word documents and it just has an instruction to download a file from the web.
To protect yourself from these ransomware and other threats, avoid opening such random documents that come from unknown email sources.
Update: As the news has spread, more number of products are detecting the ransomware.
Also read: Google Tells You How To Stay Safe Online