New Anatova Ransomware Morphs as an App or a Game Itself to Dupe Victims: McAfee

A new ransomware named Anatova has been exposed by McAfee, and the security firm that claims the ransomware disguises itself as software and free games to attract individuals to download it. This ransomware has hit many individuals mostly in the US, but it’s been spotted in Germany, Belgium, the UK, France, and other European countries as well. McAfee entitles that its modular extension capabilities and the new code behind this ransomware, suggests that seasoned threat or malware developers are behind this, and it seems to have first appeared on January 1.

The new Anatova ransomware family was discovered in a private peer-to-peer (p2p) network, and McAfee feels that it can become a thoughtful malware or threat since the code is prepared for modular postponement. The research company notes that the main goal of Anatova is to code all the files it can before requesting payment from the victim.

The ransomware morphs itself into the icon of an application or game to fool and try the individual into downloading it. Once downloaded, Anatova will encode all or many files on the infected device and insist on payment to unlock them. “The malware developers demand a ransom payment in cryptocurrency of 10 Dash – currently valued at a quite high amount compared to other ransomware families,” and the company notes.

McAfee says that Anatova creates RSA Pair of Keys using a crypto API that will code all threats. This function is the same as in other ransomware families. It ensures that the keys be used are per execution and per user. It then writes a ransom note that includes the payment mode and the email address.

“Anatova has the potential to become very dangerous with its modular architecture which means that new functionalities can always be easily added. The malware is written by experienced authors that have embedded enough functionality to ensure the typical methods to overcome ransomware ineffective,” said Christiaan Beek, who is the principle and also the lead scientist and engineer at McAfee, said ZDnet.

The report also states that Anatova will dismiss itself if it finds that the victim is a member of the Commonwealth of Independent States – made up of former Soviet nations, comprising Russia. It will also not infect devices in Egypt, Syria, Morocco, India, and Iraq. While Indian users are safe for now, so we acclaim all Internet users to download any apps or unofficial games with caution.

John Woods is a self-professed security expert; he has been making the people aware of the security threats. His passion is to write about Cyber security, malware, social engineering, Games,internet and new media. He writes for McAfee products at mcafee.com/activate or www.mcafee.com/activate .

SOURCE – https://mcafeeassistanceservices.com/blog/new-anatova-ransomware-morphs-as-an-app-or-a-game-itself-to-dupe-victims-mcafee/

Comments are closed