Quick Heal - the Indian cyber security firm and makers of an antivirus suite for multiple devices - have discovered a rather unique ransomware that bucks the trend and doesn't ask for money.
Instead, what it wants is a repeal of the three farm acts that have triggered a farmers’ agitation throughout India. These protests have so far run the entire gamut – veering from the peaceful to the vandalistic - but now they are making their way online.
Ransomware can take your data hostage
Before we get to Sarbloh, it would help if I gave you a basic rundown of what a ransomware is and what it does. Simply put, ransomware is a form of extortion racket that hacking groups use to embezzle money from unfortunate victims.
It is a form of malware or malicious software designed to take computer data hostage. It does so by encrypting or locking all the data on any system using a strong encryption key.
Ransomware can be spread through various means, but the most popular ones are those that involve phishing emails or hiding the code in spam.
Once a user’s system is infected, the malware spreads and locks down all files present on a user’s computer, similar to locking a door using a big lock. The catch here is that the key is with the hacker and you need to meet his demands in order to get it.
If that thought sounds scary, it is. It's like someone first infecting you with a disease and then offering the cure, at a price.
Some of the more popular examples of Ransomware are ILOVEYOU that racked up bills worth $15 billion in 2000 or Stuxnet, which actually destroyed uranium enriching facilities in Iran.
What is Sarbloh?
The word itself loosely translates to 'wrought iron', the metal used to create a 'khanda', which is a double-edged knife or a sword. In the historical context, it was used by Guru Gobind Singh Ji during the initiation of the first batch of 'Amrit Sanchaars' to the order of Khalsa.
The group that has so far claimed responsibility for the ransomware call themselves the Khalsa Cyber Fauj (army).
According to Michael Gillespie - the creator of ID ransomware that is used to identify the malicious software - Sarbloh is based on a branch of open-source ransomware known as KhalsaCrypt.
This is bad news because there are no known weaknesses of this particular branch of malicious code. If you are infected, chances are that you are never going to see your files again.
Like I said, Sarbloh doesn't want your money. It wants to see the farm laws repealed. The problem is the people that are going to get caught in the crossfire.
What can I do to prevent my PC from being infected?
The number one thing on your list should be to install antivirus software, if you haven't done so already. There are scores of antivirus providers just a Google search away. Choose one, pay for a yearly subscription and be done with it.
Do not, under any circumstances, download attachments from mails without checking to see if you recognize the sender. It's also good practice to not fall for phishing emails that are designed to lure you in under false pretences.
Remember, no payment or authentication service will ask for your password, OTP or your user name. If you do get mails with those requests, ignore or mark these mails as 'Spam'.
You are also not going to make money sitting at home or get loans at super low interest rates and you are especially never going to help some poor cancer patient in some far-off country by donating money. So don't.Since the primary source of infection seems to be email, there are chances that the code might be sitting in your inbox right this instant. Just remember these tips and don't open any attachments or download them from emails, which you don't trust.