Ransomware Jaff is new threat to computer users

By Balamurugan Selvaraj Published on May 16, 2017 03:36 PM IST

For the past five days, nearly 2,00,000 computers have been threatened by the creepy WannaCry ransomware. Even before countries can come out of it, cyber criminals have started spreading two other ransomware series across the world.

Though the attack rate is not high when compared to WannaCry, these, too, created a chaotic environment. A new ransomware, named Jaff, has been threatening online users on a wide range to pay ransom which is about $3,300 in Bitcoins to decrypt their files.

Last week, some actors made a malicious email campaign across the globe to spread this ransomware at the rate of five million emails in an hour. Security researchers says, ‘Jaff ransomware written in C language has been distributed with ever known Necurs botnet that currently controls over 6 million infected computers worldwide.’

Necurs botnet, the distributor of many popular malwares, remained silent till last month.

Last week, actors behind the ransomware started sending malicious emails from 9 am to 1 pm. It has been recorded that around 13 million emails have been sent in the time. Necurs botnet has sent mails to millions of users with a pdf document containing malicious macroscript.

As soon as the victim opens the email attachment, the malicious file executes the ransomware and infects the files. According to a malware traffic site, "It’s the same type of malspam we’ve seen before with PDF attachments containing embedded Word documents (with malicious macros) --> follow-up malware."

Similar to WannaCry, this ransomware infection spreads via mails, but it is unique. So, researchers across the world advised Internet users, enterprises, journalists and media organisations to ensure the type of file they receive. This ransomware is spread by a normal but malicious pdf file attached in a mail.

So, check before you open and think before you pay to those actors. Also, users are requested to scan the files and attachments from the multiple times, which you receive through mails. And stay updated to prevent from ransomware infection.