Insights on the Capabilities of Three Politically-Themed Ransomware Campaigns


We all hear politicians’ names week over week – what policies they’re working on, new initiatives they’re implementing for their respective country, the list goes on. And now, we’re hearing about their names in a new context. Specifically, former U.S. President Barack Obama, current U.S. President Donald Trump, and Chancellor of Germany Angela Merkel all now have ransomware campaigns named after them. But just how effective are these politically-themed threats and how do they impact users? Let’s break it down.

Just recently identified, the Obama ransomware campaign is a bit non-traditional in its approach. The threat only targets specific files on a user’s computer and actually attempts to stop some anti-malware products from doing their job. What’s more – the malware also uses a victim’s device to mine for cryptocurrency. Said to be created by the same cybercriminal group behind the Obama ransomware, the Trump ransomware variant is similar in its capabilities to the Obama variant, but is not nearly as developed.

Now, the ransomware campaign named after German leader Angela Merkel encrypts files using an extension dubbed .angelamerkel. It also asks for its ransom in euros, so it stays pretty true to theme.

In short, all these ransomware campaigns are unique in their capabilities and objectives, similar to the politicians they are named for. Now, with all these strains out in the wild, what are the next steps for users wishing to stay protected from a ransomware attack? Start by following these tips:

  • Do a complete backup. With ransomware attacks locking away crucial data, you need to back up the data on all of your machines. If a machine becomes infected with ransomware, there’s no promise you’ll get that data back – it could even be wiped entirely in some cases. Therefore, make sure you cover all your bases and have your data stored on an external hard drive or in the cloud.
  • Use decryption tools. No More Ransom, an initiative McAfee is a part of, has a suite of tools to free your data, each tailored for a specific type of ransomware. If your device gets held for ransom, start by researching what type of ransomware it is. Then check out No More Ransom’s decryption tools and see if one is available for your specific strain of ransomware.
  • Use comprehensive security. To be prepared for ransomware or any other type of cyberattack that may come your way, it’s important you lock down all your devices with an extra layer of security. To do just that, use a comprehensive security solution.

Want to learn more about ransomware and how to defend against it? Visit our dedicated ransomware page.

Categories: Consumer Threat Notices