New ShadowGate Ransomware Installs Immediately
By: Jim Stickley and Tina Davis
July 3, 2019
A new version of ransomware called ShadowGate is aggressively infecting websites and not even bothering to lurk around in the shadows hiding from you. As soon as a user visits a website infected with this ransomware, files are immediately locked up, an unpleasant notification pops up letting you know about it, and those files are held for ransom to the tune of hundreds of Bitcoin. These days, that’s in the tens of thousands of Dollars. Whatever can you do?
First, always double and triple check URLs when visiting them, especially if you will be entering personal information. It’s very easy to mistype a website and get to one you didn’t intend. Often, it’s harmless. However, with ransomware like this roaming around out there, it’s spooky indeed to think you could be getting caught out by ransomware.
Next, keep current backups of the important data on your devices. This goes for all of them. These days, no type of device or operating system is immune to attacks. If you have a backup and do manage to get that ransom note, just restore from a backup and all you’ve likely lost is time and a few hairs with the frustration.
Always keep devices current with patches and versions of the operating system and software running on them. This includes all security products, such as anti-virus software. While it doesn’t catch all of it, it does catch enough to be worth having it and keeping it up to date.
Never pay a ransom. There is never any guarantee that the attackers will give you a valid unlocking key. Even if they do, most of the time, they don't work and your data and your money are gone.
As a reminder, never open attachments or click links in email messages that are unexpected or come from unknown sources. While this one doesn’t seem to be spreading that way, many others do.