Microsoft Windows Operating System users have been cautioned about the emergence of a new type of ransomware called ‘Big Head.’ Security analysts at Fortinet have discovered that this malware is being distributed online disguised as Windows security updates and Microsoft Word software. Additionally, cybersecurity firm Trend Micro reports that the hackers behind the ransomware are utilizing malvertising as a distribution method.
What sets this particular malicious software apart from other ransomware strains is its ability to function as a data wiper. If the victim fails to pay the ransom in a timely manner or refuses to comply, the ransomware will execute the wiping of data. Disturbingly, Big Head also possesses the capability to infect backup systems and archives that are connected to the same network. This is in addition to its standard features, such as stealing data from browsing history and directories, encrypting the information, and demanding a ransom for its release.
On a separate note, a study conducted by Object First reveals that over 40% of consumers loyal to a specific brand would consider abandoning the company if it were found to be infected with ransomware.
Furthermore, a report compiled by the European Union Agency for Cybersecurity (ENISA) highlights a disconcerting trend among infamous file-encrypting malware groups. They are primarily targeting the healthcare sector in the UK. Several reasons contribute to this alarming trend. Firstly, many healthcare organizations lack the necessary budget to implement effective security measures. Secondly, they often lack skilled personnel capable of handling such situations with expertise and technical knowledge. Lastly, stolen health and financial information can be sold for £30 per 100 usable data accounts on the dark web.
The spread of Big Head ransomware serves as a reminder of the ongoing threat posed by ransomware attacks and the importance of robust cybersecurity measures to safeguard sensitive data and critical systems. Users are urged to exercise caution when downloading software updates or opening email attachments, and organizations should prioritize investing in cybersecurity resources to protect against such threats.
Ad