A new ransomware family that poses as a game and demands $700 in cryptocurrency from the victim has been discovered.
First spotted by McAfee Labs, the “Anatova” ransomware targets consumers across the globe. Anatova was discovered in a private peer-to-peer network and poses as an icon of a game or app to trick victims into downloading it.
McAfee says these ‘aren’t your average hackers’ but experienced bad actors. The ransomware can morph quickly to add new evasion tactics and spreading mechanisms.
It does have some similarities with GandCrab, though. The ransomware demands that the victim pay the ransom in the DASH currency.
McAfee also believes Anatova can be a serious player as it’s modular, meaning new functionalities can easily be added. The malware is written by ‘skilled authors’.
“Creating a quick and fast piece of ransomware is fairly easy for those with basic know-how,” commented Christiaan Beek, Lead Scientist & Principal Engineer at McAfee.
“Ransomware packed with functionality that is also difficult to analyse, such as Anatova, is more difficult to create from scratch. Anatova has the potential to become very dangerous with its modular architecture which means that new functionalities can easily be added. The malware is written by experienced authors that have embedded enough functionalities to be sure that typical methods to overcome ransomware will be ineffective, for instance data can’t be restored without payment and a generic decryption-tool cannot be created.”