Cyber criminals are trying to make money from the typically soft target healthcare has displayed because of its overall weak security.
Hasherezade, a security researcher at Malwarebytes said the DMA locker ransomware has returned and it seems bigger and more threatening than before. This relatively advanced and extremely dangerous strain of ransomware is currently being dispatched utilizing the widely used Neutrino exploit kit, and could reach a large scale in the near future. DMA Locker encrypts local drives and network shares. Several of its functions are automated utilizing rented exploit kits. Version 1.0 of the virus had been somewhat harmless and never really created much of a concern to anti-malware companies. This most recent version of the virus is prepared to generate a new trend of ransoms directed at the healthcare sector.
Researchers have noted that many of the defects in the initial DMA Locker seem to be patched, and it might be deployed in widespread attacks in the near future.
Once the targeted computer is infected, the malware connects to remote command-and-control servers to create individual and very strong encryption keys, instead of keeping them locally as in the past. Reverse engineering the encryption isn’t likely at this point. Now, decryption requires a individual matching private key that has to be bought from the attacker in order to acquire entry to the encrypted files. Meaning that repeat infections will create more ransom demands.
To prevent such infections, you should have some kind of security solution and be scanning your system(s) regularly. A great free scanner would be Malwarebytes free anti-malware solution.