:quality(75)/cloudfront-us-east-1.images.arcpublishing.com/elcomercio/43V3RVTBYVCTDI4BXN3ULH47ZA.jpg)
One of the biggest digital problems of our time is the ransomwarea type of malicious software that manages to enter foreign computers, encrypts (Hide data using a key so that they cannot be interpreted by those who do not have it) the files it finds there, and demands the payment of a ransom to deliver the key which returns access to files
One of the best known is WannaCry, whose spread in 2017 left hospitals and ports in Europe without service, among others. WannaCry is associated with Lazarus, the North Korean government-linked cybercriminal group. Another example is Hive Ransomware that hijacked the data of the Costa Rican Social Security Fund (CCSS) and threatened to leak the institution’s information unless they acquire a program sold by cybercriminals.
Though experts recommend against paying ransomware ransoms and look for alternative methods to resolve the situation (rebuild information based on backup copies, for example), the specialized site Ransomwhere estimates that 113 million dollars have already been paid worldwide to recover encrypted files.
Payments are made almost exclusively on cryptocurrency platforms, which facilitate the circulation of currency and its “laundering” to prevent its path from being followed. But now a group is coming up with a different way to collect the loot from victims of their ransomware. GoodWill is a ransomware that does not ask for money in exchange for giving back access to infected files, but for actions that help the victim’s community.
As reported by the security consultancy CloudSEK, there is a new ransomware circulating from the group GoodWill (good will, in Spanish), which seems to have emerged in India and is based on HiddenTear, an open source ransomware (that is, anyone can take and adapt for their own use).
GoodWill does not require money as payment, but rather good deeds. Of course, they are not left to chance. Once it enters the infected computer, GoodWill encrypts documents, photos, videos, databases, and other files, and suggests three possible ways to receive the key that decrypts them.
First, donate clothes or blankets to people in need, record that action and post it on social media. Then, take five street kids to dinner at a local pizzeria (“treat them like they’re your little brothers,” says the message) and share the action on social networks, selfie included. The third good deed GoodWill victims should do involves providing financial assistance to someone who needs urgent medical care but cannot afford it; here it will also be necessary to keep a record of the good deed and share it so that the creators of this ransomware can verify what happened. Once those three actions are completed, the ransomware suggests that victims should also post an article on social media about the positive effect that having GoodWill-infected computers had on their lives.
For now, however, there are no known instances where the victims have actually carried out all the missions imposed by this malicious software.
RECOMMENDED VIDEO
Source: Elcomercio
I am a highly experienced and well-connected journalist, with a focus on healthcare news. I have worked for several major news outlets, and currently work as an author at 24 news recorder. My work has been featured in many prestigious publications, and I have a wide network of contacts in the healthcare industry. I am highly passionate about my work, and strive to provide accurate and timely information to my readers.
