New Ransomware Forces People to be Charitable to Get Their Data Back

New Ransomware Forces People to be Charitable to Get Their Data Back

This ransomware was discovered by threat analysis firm CloudSEK, which identifies it as “global malware.” The security bulletin notes it will encrypt photos, documents, and other important files. The malware encrypts files with AES and also uses a 722.45 second sleep timer to interfere with real-time analysis. The security bulletin states the group has “very unusual demands” and it’s not kidding. In order to recover their data, victims must perform three selfless acts, and document them all on social media. People who are struck by the attack are greeted with an image explaining the group’s motives. It states they are not “hungry for money.” Instead, they want to give people “a hard lesson to always help poor people and needy people.”

New Ransomware Forces People to be Charitable to Get Their Data Back

The first stage of file recovery involves giving clothes and blankets to people on the side of the road. The instructions note people can die without adequate clothing. In order to satisfy the requirement, the victim must take video of the event. Then they have to post it to an Instagram, Facebook, or WhatsApp story using a photo frame provided by the hackers. They must also encourage others to do likewise. Finally, they have to screenshot the story and email it to the group in order to proceed to the next round.

The next phase is about feeding hungry children. The victim has to pick up five kids under the age of 13 and take them to dinner. This has to take place at a Dominos, KFC, or Pizza Hut. It’s not clear why an actual restaurant like Olive Garden was left off the list. It’s also not stated whether you must accompany them to the nearest bathroom afterwards. Once they’ve devoured some fast food the victim has to take selfies documenting their “happy faces.” Naturally, the selfies need to be made into a story for social media. They must also email the hackers a copy of the receipt and the requisite screenshots. After that’s verified, and you’ve returned said children to wherever you found them, it’s off to the final phase.

New Ransomware Forces People to be Charitable to Get Their Data Back

The third task is arguably the most difficult: you must pay someone’s hospital tab. In the United States, this could be a minefield since you never know what insurance will cover. It also seems like this would be something that’s impossible to figure out. However, the instructions say they should go to a hospital and start talking to people. Naturally they must record the conversation. This chat will include the victim telling them they don’t need to worry anymore. They are then instructed to pay the “maximum part of required amount.” To finish the phase, they must send the hackers the audio recording, but there’s no requirement to submit proof of payment. Finally, it’s time for the last social media post. This post summarizes the person’s transformation into a good Samaritan, all thanks to malware. Once all conditions are met, the victim receives a decryption kit and should be able to recover their data.

CloudSEK says it’s been able to trace the origins of this attack to a group in India. This was discovered through IP addresses and the language used in some of the code. Though GoodWill is different in nature to other ransomware attacks, mitigation efforts are the same. Always have a backup of important documents. In addition, make sure to test your backups to make sure they are working. Even better, regularly save image files of your installation to quickly restore your PC. Of course, regular PC habits apply as well, such as using two-factor authentication, not clicking on links in email, etc. Be careful, or you might end up at KFC, or worse, a hospital.

Continue reading

Scientists Confirm the Presence of Water on the Moon
Scientists Confirm the Presence of Water on the Moon

Scientists have confirmed the discovery of molecular water on the moon. Is there any of it in a form we can use? That's less clear.

Review: The Oculus Quest 2 Could Be the Tipping Point for VR Mass Adoption
Review: The Oculus Quest 2 Could Be the Tipping Point for VR Mass Adoption

The Oculus Quest 2 is now available, and it's an improvement over the original in every way that matters. And yet, it's $100 less expensive than the last release. Having spent some time with the Quest 2, I believe we might look back on it as the headset that finally made VR accessible to mainstream consumers.

Protect Your Online Privacy With the 5 Best VPNs
Protect Your Online Privacy With the 5 Best VPNs

Investing in a VPN is a smart choice right now, but the options are vast. To help narrow things down a bit, we've rounded up five of our very favorite consumer services.

Astronomers Spot Earth-Sized Rogue Planet Wandering the Galaxy
Astronomers Spot Earth-Sized Rogue Planet Wandering the Galaxy

Astronomers have identified more than 4,000 exoplanets orbiting other stars but just a few "rogue planets" wandering the galaxy without a star to call home. A new study claims to have spotted one of these worlds, and it may be a small, rocky world like Earth.