New Ransomware Forces People to be Charitable to Get Their Data Back

New Ransomware Forces People to be Charitable to Get Their Data Back

This ransomware was discovered by threat analysis firm CloudSEK, which identifies it as “global malware.” The security bulletin notes it will encrypt photos, documents, and other important files. The malware encrypts files with AES and also uses a 722.45 second sleep timer to interfere with real-time analysis. The security bulletin states the group has “very unusual demands” and it’s not kidding. In order to recover their data, victims must perform three selfless acts, and document them all on social media. People who are struck by the attack are greeted with an image explaining the group’s motives. It states they are not “hungry for money.” Instead, they want to give people “a hard lesson to always help poor people and needy people.”

New Ransomware Forces People to be Charitable to Get Their Data Back

The first stage of file recovery involves giving clothes and blankets to people on the side of the road. The instructions note people can die without adequate clothing. In order to satisfy the requirement, the victim must take video of the event. Then they have to post it to an Instagram, Facebook, or WhatsApp story using a photo frame provided by the hackers. They must also encourage others to do likewise. Finally, they have to screenshot the story and email it to the group in order to proceed to the next round.

The next phase is about feeding hungry children. The victim has to pick up five kids under the age of 13 and take them to dinner. This has to take place at a Dominos, KFC, or Pizza Hut. It’s not clear why an actual restaurant like Olive Garden was left off the list. It’s also not stated whether you must accompany them to the nearest bathroom afterwards. Once they’ve devoured some fast food the victim has to take selfies documenting their “happy faces.” Naturally, the selfies need to be made into a story for social media. They must also email the hackers a copy of the receipt and the requisite screenshots. After that’s verified, and you’ve returned said children to wherever you found them, it’s off to the final phase.

New Ransomware Forces People to be Charitable to Get Their Data Back

The third task is arguably the most difficult: you must pay someone’s hospital tab. In the United States, this could be a minefield since you never know what insurance will cover. It also seems like this would be something that’s impossible to figure out. However, the instructions say they should go to a hospital and start talking to people. Naturally they must record the conversation. This chat will include the victim telling them they don’t need to worry anymore. They are then instructed to pay the “maximum part of required amount.” To finish the phase, they must send the hackers the audio recording, but there’s no requirement to submit proof of payment. Finally, it’s time for the last social media post. This post summarizes the person’s transformation into a good Samaritan, all thanks to malware. Once all conditions are met, the victim receives a decryption kit and should be able to recover their data.

CloudSEK says it’s been able to trace the origins of this attack to a group in India. This was discovered through IP addresses and the language used in some of the code. Though GoodWill is different in nature to other ransomware attacks, mitigation efforts are the same. Always have a backup of important documents. In addition, make sure to test your backups to make sure they are working. Even better, regularly save image files of your installation to quickly restore your PC. Of course, regular PC habits apply as well, such as using two-factor authentication, not clicking on links in email, etc. Be careful, or you might end up at KFC, or worse, a hospital.

Continue reading

Elon Musk: SpaceX Will Send People to Mars in 4 to 6 Years
Elon Musk: SpaceX Will Send People to Mars in 4 to 6 Years

SpaceX and Tesla CEO Elon Musk likes to make bold claims. Sometimes he comes through, and we end up with a reusable Falcon 9 rocket, but Musk also has a tendency to get carried away, particularly when it comes to Mars. The SpaceX CEO has long promised a Mars colony on an aggressive, and some…

190,000 Ceiling Fans Recalled After Blades Fly Off, Hitting People
190,000 Ceiling Fans Recalled After Blades Fly Off, Hitting People

King of Fans is recalling some 190,000 ceiling fans sold through Home Depot after the blades began detaching during operation.

Signia Active Hearing Aids Review: For People Who Love Earbuds
Signia Active Hearing Aids Review: For People Who Love Earbuds

For many people, the idea of wearing hearing aids comes with a stigma, even if it would benefit them. So hearing aid companies have been working on new form factors to try and make that less of an issue. We review one of the latest, the earbud-shaped Active Pro model from Signia.

Newegg Forced People to Buy Gigabyte Power Supplies With Catastrophic Failure Rates
Newegg Forced People to Buy Gigabyte Power Supplies With Catastrophic Failure Rates

An investigation into Gigabyte power supplies has found that an unacceptable number of units suffer failures, many of them explosively. What makes all of this worse is that the same two model numbers known to be affected were part of Newegg's forced bundling program earlier this year.