Authored by a Symantec employee

 

Although Dridex (W32.Cridex) and Locky (Trojan.Cryptolocker.AF) have been unusually quiet, a new type of ransomware may be taking their place on the online threat landscape. Bart, a new ransomware variant, introduced by the same cybercriminal group behind Dridex and Locky, was spotted late last week.

ProofPoint researchers recently observed a large malware campaign distributing .zip attachments — mostly labeled as photos, images, or pictures — that contained JavaScript code (JS.Nemucod. Once opened, the attachments download and install RockLoader (Downloader.Zirchap) malware, which in turn downloads the Bart ransomware.

Bart then encrypts files with certain extensions on compromised computers. It displays its ransom note through a text file and the desktop wallpaper. Then the ransomware demands payment from the victim, promising that the encrypted files will then be decrypted.

How to Stay Protected

Norton Security products protect your computer against Bart. If you have Norton Security on your computer, it will detect the Bart ransomware. Remember, backing up your files is a preemptive strike against cybercriminals who try to hold your information for ransom. Under no circumstances should you pay the ransom, as it’s not guaranteed that you will get your data back.


Disclaimers and references:
Symantec Corporation, the world’s leading cyber security company, allows organizations, governments, and people to secure their most important data wherever it lives. More than 50 million people and families rely on Symantec’s Norton and LifeLock comprehensive digital safety platform to help protect their personal information, devices, home networks, and identities.

© 2017 Symantec Corporation. All rights reserved. Symantec, the Symantec Logo, the Checkmark Logo, Norton, Norton by Symantec, LifeLock, and the Lockman Logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Google Chrome is a trademark of Google, Inc. Mac, iPhone and iPad are trademarks of Apple Inc. Microsoft and the Windows logo are trademarks of Microsoft Corporation in the United States and/or other countries. The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution License. Other names may be trademarks of their respective owners.