Newly discovered Anatova ransomware targets gamers

Anatova Ransonware
Anatova is one of the most sophisticated ransonwares ever detected

Anatova ransomware which was discovered recently is being touted by security researchers as more advanced than the Ryuk ransomware which had hit in August last year.

The ransomware was first detected and reported by McAfee researchers who believe it can become a serious threat considering the code of the ransomware is built for module extension, i.e. new features can be added to the ransonware in future.

Anatova was detected by the McAfree security researches in a private P2P file sharing network which usually is used for sharing cracked games and software among other more legitimate uses.

So far the problems seems to be largely affecting the USA and parts of Europe.

Anatova ramsonware detection
Anatova Cases are on the rise since with almost 500 cases detected in last three weeks

Anatova tries to encrypt as much as possible

Anatova fools the user into clicking on the executable by replacing and mimicking the icon of a game or application and asks for admin rights, once granted it quickly tries to encrypt as many files as possible on the PC as well as check the network for any shared drives or folders and encrypt them too.

Anatova Ransom Note
Once encrypted the ransomware leaves a note asking ofr 10 DASH

Once the files are encrypted it asks the user to send 10 DASH cryptocurrency (approx $700) to a particular address to get the decryption software.

It also deletes the default volume shadow copies to ensure you can’t do a recovery.

Unique and sophisticated

One of the things that makes Anatova unique is that it is asking for the ransom in DASH instead of the typical Bitcoin or Monero.

This according to the researcher is due to the fact that DASH recently implemented several privacy enhancing protocols making it difficult to trace the transactions.

But Anatova is also incredibly sophisticated in the way it tries to evade analysis and detection which suggests that the ransomware wasn’t built on source code available for sale on the dark web, instead it was built from scratch by skilled malware authors.

Source | Via

ALSO READ  29 apps removed by Google were stealing pics

Leave a Comment