
Asus Ransomware

Posted: October 31, 2019

The Asus Ransomware is a file-locking Trojan that's a part of the Ransomware-as-a-Service business known as Dharma Ransomware. This custom variant of the family includes a different theme and address, but still uses encryption to extort money by blocking digital media. Users can remove most of the danger from its attacks by keeping their files backed up to a secure device, and should have anti-malware software available for removing the Asus Ransomware on sight.

A Trojan's Calling Out Taiwanese Manufacturing

A new file-locking Trojan from an old family is, appropriately, using a computer manufacturer as its theme of preference. This habit of borrowing others' identities for illicit attacks is something that malware experts see occasionally, and even includes call-outs to specific individuals (such as security researchers), although it remains rarer than other thematic choices. The Asus Ransomware, a variant of the Dharma Ransomware, is, besides the name choice, similar in behavior and danger to its hundreds of relatives.

The Asus Ransomware's family is one of the largest in the Ransomware-as-a-Service sector and owes its profits to members like the Bot Ransomware, the Dqb Ransomware, the Group Ransomware, the Nqix Ransomware and the Php Ransomware. While malware experts can't link the Asus Ransomware to particular infection strategies, most threat actors prefer installing the Dharma Ransomware variants on vulnerable servers. Weaknesses that could invite an Asus Ransomware attack include outdated software, poorly chosen passwords, and macros enabled in an e-mail attachment.

The Asus Ransomware contains all the expected Registry changes, AES encryption routine (for locking files), extension changes, and ransom notes that are usual for its family. Users might note the choice of its name, however, which it repeats in the extensions on any blocked media. This name is a direct reference to Taiwan's ASUSTeK Computer Inc., although no exceptional compatibility with such hardware is native to the Dharma Ransomware family.

What to Do When a Brand is a Trojan's Plaything

The Asus Ransomware's taking a company name for itself doesn't imply any favoritism towards that entity's customers or employees. While average businesses may invite targeting unintentionally, such as by using misconfigured servers, even random PC owners are at risk from file-locking Trojans' attacks. Backups can mitigate the problems that come with encryption-locked data, although neither the Windows Shadow Volume Copies nor, increasingly, network-attached storage can be assumed safe.

Network administrators can block many attempted attacks by applying security patches for relevant software and using secure credentials. Malware researchers also recommend leaving macros inactive in all but absolutely trustworthy documents and spreadsheet files. Average users should also scan their downloads, especially those from questionable sources like torrent networks, before opening them.

The Asus Ransomware's encryption is secure, and 'unlocking' content from a modern version of its family is impractical. However, anti-malware products from nearly every major security company can remove the Asus Ransomware accurately, as per current detection rates.

While malware researchers await more reports on which targets are falling victim to Asus Ransomware infections, encryption is a universal issue. Anyone with files should count their worth carefully, or the Ransomware-as-a-Service industry will do it for them.
