RobinHood Ransomware Exploit – and how to protect yourself
February 19, 2020

There is a security vulnerability doing the rounds, but this one is a little bit different – and potentially more dangerous – because it acts as a wedge to hold the door open for a second piece of malware to be installed. And your PC will know nothing about it, until it’s too late!

 

How it works
Cyber-criminals will send a file (usually by email) or embed it within a link, usually from a ‘recognisable’ source. If you open the file, it will install a driver on your PC for an old piece of hardware.

The driver is already digitally signed (it effectively comes with the green light to go ahead), so your PC lets it in. Windows won’t flag it and neither will your Anti-Virus, because it’s deemed to be ‘approved’.

This driver acts as a wedge, which then holds the door open for the hackers to be able to install their own driver, deactivate your anti-virus and then proceed to run RobinHood ransomware that will encrypt files on the infected systems.
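
For IT teams: installing a driver as described above registers a kernel-mode service, which Windows records in the System log as Service Control Manager event 7045. The sketch below is an added example, not part of the original article; it triages exported events and flags drivers installed from unusual folders. The sample events, the service names and the list of "usual" folders are constructed assumptions, and the service-type text assumes English-language Windows.

```python
import xml.etree.ElementTree as ET

NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}
# Assumption: folders where driver binaries normally live; tune for your estate.
USUAL_DIRS = ("\\system32\\drivers\\", "\\system32\\driverstore\\")
# Constructed sample of exported System-log events (names and paths are made up).
SAMPLE = r"""<Events>
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
 <System><EventID>7045</EventID><TimeCreated SystemTime="2020-02-19T10:02:11Z"/></System>
 <EventData><Data Name="ServiceName">oldhw</Data>
  <Data Name="ImagePath">\??\C:\Windows\Temp\oldhw.sys</Data>
  <Data Name="ServiceType">kernel mode driver</Data></EventData>
</Event>
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
 <System><EventID>7045</EventID><TimeCreated SystemTime="2020-02-19T09:15:40Z"/></System>
 <EventData><Data Name="ServiceName">printfilter</Data>
  <Data Name="ImagePath">\SystemRoot\System32\drivers\printfilter.sys</Data>
  <Data Name="ServiceType">kernel mode driver</Data></EventData>
</Event>
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
 <System><EventID>7045</EventID><TimeCreated SystemTime="2020-02-19T08:30:05Z"/></System>
 <EventData><Data Name="ServiceName">UpdaterSvc</Data>
  <Data Name="ImagePath">C:\Program Files\Updater\updater.exe</Data>
  <Data Name="ServiceType">user mode service</Data></EventData>
</Event>
</Events>"""

def field(event, name):
    """Text of one named <Data> item in the event, or '' if it is absent."""
    node = event.find(f"e:EventData/e:Data[@Name='{name}']", NS)
    return (node.text or "") if node is not None else ""

def unusual_driver_installs(xml_text):
    """Return (time, service, path) for kernel drivers installed from unusual folders."""
    hits = []
    for ev in ET.fromstring(xml_text).findall("e:Event", NS):
        if ev.findtext("e:System/e:EventID", "", NS).strip() != "7045":
            continue  # 7045 = "A service was installed in the system"
        if "kernel" not in field(ev, "ServiceType").lower():
            continue  # ordinary user-mode service, not a driver
        path = field(ev, "ImagePath")
        folder = "\\" + path.lower().rpartition("\\")[0] + "\\"
        if not any(d in folder for d in USUAL_DIRS):
            when = ev.find("e:System/e:TimeCreated", NS).get("SystemTime")
            hits.append((when, field(ev, "ServiceName"), path))
    return hits

if __name__ == "__main__":
    print(*unusual_driver_installs(SAMPLE), sep="\n")
```

A hit is a prompt to review the install, not proof of compromise, and a driver sitting in the usual folder is not automatically safe.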

 

What do I do if I think I’ve been compromised?
Contact your IT team immediately!

 

How can I protect myself?
Vigilance! As always, be careful with clicks, links and opening files which you are not expecting. If in doubt, contact your IT team!

Privilege Management: Make sure you are not running as an Administrator on your PC – and if you need Administrator rights, then make sure this is done under a second, separate account that is not used for normal business operation.

 

 
