code on a computer

New Ransomware Instantly Deletes Computer Files

Federal law enforcement agencies have lost nearly 1,000 guns since 2006. The Department of Homeland Security, the Bureau of Land Management, and the Federal Bureau of Prisons lose countless guns, grenades, bullets, and other “expendables” every year to theft and poor inventory tracking.

The latest ransomware strain almost instantly wipes files from a user’s computer while leading the user to believe files can still be recovered. 

Cybersecurity researchers at threat intelligence firm, Cisco Talos, said this Ranscam attack relies on simple intimidation rather than complexity.

Once a user’s machine is infected, Ranscam starts out like any other type of ransomware. Victims are told to pay 0.2 BTC ($130 US) to unlock their files, which Ranscam claims have been moved to a hidden partition and encrypted.

“Once your Bitcoin payment is received your computer and files will be returned to normal instantly,” the ransom note claims.

If a user clicks the verification button alerting the hacker of payment, the note changes into an image with a “Payment not verified” button, and threatens to delete one file everytime the user clicks that button without paying.

In reality, the button does nothing, as the user’s files have already been erased and are unrecoverable.

Researchers claim the malware works as follows: a .NET executable calls on a batch file which multiplies and populates throughout the victim’s file system. From there, a script deletes a slew of important files: the core Windows .EXE responsible for System restores, shadow copies, and registry keys associated with booting the machine into Safe Mode.

Cisco Talos researchers said the lack of encryption/decryption capabilities suggests that cyber thieves have stripped down the malware to make a quick buck with little trouble. It also suggests that the ransomware is making its way down the cybercriminal food chain to its lowest levels.


Posted in General News

Tags: FBI, DHS, DOJ, FBI training, carrying firearms, tracing firearms, BLM, DOJ IG


This Week on FEDtalk

Understanding Border Security from the Front Lines

The U.S. borders have inundated news cycles in recent months.  To find out what’s really going on, tune in to FEDtalk to hear a group of federal law enforcement professionals discuss what they experience at the border and what they need to do their mission. 

Read more ...

Hear it from FLEOA

FLEOA Takes Steps to Protect Members During Shutdown

On Wednesday, the Federal Law Enforcement Officers Association sent a memo to its members detailing its response to the government shutdown.  The full text of the statement from FLEOA President Nate Catura is below:

Read more ...

The free weekly e-report for Federal Law Enforcement

Get in touch with us

Email FEDagent publisher

Copyright 2019
Hosted by Peak Media Company, LLC