Frogo Ransomware Notification



  28-03-2018   |   By Kashif


FROGO is a new ransomware variant that has recently shown up in UAE networks.

A leading hospital and a semi-government agency were recently attacked by FROGO ransomware.

  • All the latest versions of Windows OS such as Windows XP/Vista/7/8/8.1/10 are affected by FROGO.

It usually begins by accessing the Windows Registry to modify values under the Run and RunOnce keys. This modification starts the Frogo ransomware payload automatically every time the operating system starts. It then performs a deep scan of the system in search of files matching its target list. According to experts, it commonly targets common file formats that store valuable information, including media files (audio, images, video), databases, archives, documents, projects and many more.

After scanning for files and shares, FROGO encrypts the files and adds “.frogo” as the extension.
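A read-only triage check for the two indicators described above: autostart values under the Run and RunOnce keys, and files carrying the .frogo extension. This is an added example, not part of the original notification; the scan root, the user-writable-path heuristic and the inclusion of the WOW6432Node key locations are assumptions of the example.

```powershell
# Added example: read-only triage for Run/RunOnce autostarts and .frogo files.
param(
    # Assumption: the scan root is illustrative; point it at data volumes or mapped shares.
    [string]$ScanRoot = $env:USERPROFILE
)

$base = 'Software\Microsoft\Windows\CurrentVersion'
$wow  = 'Software\WOW6432Node\Microsoft\Windows\CurrentVersion'   # 32-bit view on 64-bit Windows
$runKeys = foreach ($hive in 'HKLM:', 'HKCU:') {
    foreach ($path in $base, $wow) {
        "$hive\$path\Run"
        "$hive\$path\RunOnce"
    }
}

# Heuristic (assumption): autostart commands in user-writable folders deserve a closer look.
$userWritable = '\\(AppData|Temp|ProgramData|Users\\Public)\\'

$autoruns = foreach ($key in $runKeys) {
    if (-not (Test-Path -LiteralPath $key)) { continue }   # key absent on this host
    $regKey = Get-Item -LiteralPath $key
    foreach ($name in $regKey.GetValueNames()) {
        $command = [string]$regKey.GetValue($name)          # environment variables are expanded
        [pscustomobject]@{
            Key     = $key
            Name    = if ($name) { $name } else { '(Default)' }
            Command = $command
            Review  = $command -match $userWritable
        }
    }
}

# Files renamed with the extension the notification describes.
$encrypted = @(Get-ChildItem -LiteralPath $ScanRoot -Filter '*.frogo' -File -Recurse -Force -ErrorAction SilentlyContinue)

$autoruns | Sort-Object Review -Descending | Format-List Key, Name, Command, Review
'{0} file(s) ending in .frogo under {1}' -f $encrypted.Count, $ScanRoot
# The oldest write times help bound when encryption started.
$encrypted | Sort-Object LastWriteTime |
    Select-Object -Property FullName, LastWriteTime -First 10 | Format-List
```

An entry marked for review is a prompt to inspect the referenced binary, not a verdict; legitimate software also registers autostarts from these locations.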

How does FROGO enter a system?

Emails and email attachments are the most used vector to deliver ransomware, and FROGO is no different. The infection is delivered through junk and spam emails to a user, who may have opened an attachment or clicked a link in the email, which allows the drive-by download to happen.

Pirated software, games and other ways of infection delivery are also popular.

How to prevent such attacks

In the real estate business, it's “Location”, “Location”, “Location”. In the current threat world of IT, we emphasize “Backup”, “Backup”, “Backup”.

Deploy a robust email security solution that scans the attachments and the links in emails for suspicious activity.

Run an awareness campaign in the organization and educate all the users of such threats. No real security can be achieved without the cooperation and participation of the stakeholders as well as all the employees.

Engage with an IT service provider to ensure that the IT Security systems are maintained and ask them for reports on the IT infrastructure.