Spider Ransomware Gives You 96-Hours to Pay

The world of ransomware is constantly evolving, with a new malicious software known as Spider. It’s making the rounds as hackers’ latest attempts to hold personal information hostage. The ransomware gives victims a set of instructions and a 96-hour deadline to pay up or lose all their precious data.

How Does It Travel?
Hackers have been targeting unsuspecting smartphone users in the Balkans with this Spider ransomware, which was first discovered on December 10. Users get reeled in through a phishing scam with malicious MS Office files sent as attachments with the subject line “Debt Collection.”

Read More: How to Protect Your Data from Ransomware Attacks

Spider is designed using obfuscated macro code, meaning that if macros are enabled, the ransomware allows a PowerShell to enter the victim’s computer and lead them to a host website with directions.

What Happens Next?
The malware then links up with apps and cloud storage, which proceeds to encrypt and lock away all the user’s files using AES encryption, while adding a “.spider” extension to all their files. On the surface, these emails seem to be legitimate as anyone with credit card debt or unpaid bills could be fooled into believing that these files come from a reliable source.

Cybercriminals proceed to send a message in Bosnian to victims on the ransomware, notifying them that all their personal files have been encrypted and they won’t be able to access them without the key to open them. Victims are then given 96 hours to pay in bitcoin in order to get their files back, with hackers offering them directions on how to do so.

How Do Users Pay?
Victims are given a tutorial on how to pay, beginning with details on how to buy bitcoin and how much money they need to pay. They are then given instructions on how to download the Tor Browser, which is necessary to make the cryptocurrency payment anonymously. Users are then told where to send the payment and how to securely do it.

What Happens if Victims Don’t Pay?
If they fail to pay up in 96 hours, all their information will remain encrypted and permanently locked. The criminals warn victims not to try anything as the ransomware has the technology to delete all their files and damage their PC.

How Do I Protect Myself?
Individuals and businesses looking to avoid Spider should disable their macros, while also being cautious of messages that can only be opened by turning on their macros. For the time being, there is no way to decrypt the ransomware once it does strike due to how recent the technology is. The best thing you could do is install a security app like dfndr security with the advanced anti-hacking capabilities that can help fight a ransomware attack.