This malicious code encrypts the data and then asks for a “ransom” to decrypt the files.
In addition, there is a risk that the purpose of this malware is not only infecting a computer, but also the systems in a company network.
How could we avoid this malware?
If an user has been infected by ransomware, and his files have been encrypted, the only solution is to restore a security copy into a empty and formatted system.
If that security copy does not exist, the only way to save the information is paying the money requested by the attacker.
For that reason, Inprosec recommends both users and companies to follow the good practices in the field of the information security, like stablishing a security copies procedure, not opening emails from unknown sources or being careful with the received links.