A leading hospital and a semi government agency was recently attacked by FROGO Ransomware.
It usually initially makes access to the Windows Registry Editor for modifying values under the Run and RunOnce keys. This modification enables the automatic start of Frogo Ransomware payload every time the operating system gets launched up. It, implements a deep scanning of the system in search of the files matching with its target list. According to experts, it commonly victimizes the common file formats which do stores valuable information including media files (audio, images, video) databases, archives, documents, projects and many more.
After the scanning process for files and shares, FROGO encrypts the files and adds “.frogo” as the extension.
Emails and email attachments is the most used vector to deliver RANSOMWARE and FROGO is no different in this. Through Junk and Spam emails the infections delivered to a user, who may have opened an attachment or clicked a link in the email, which allows the drive-by download to happen.
Pirated software, Games and other ways of infection delivery is also popular.
In the real estate business, its “Location “, “Location”, “Location”. In the current threat world of IT, we emphasize on “Backup”, “Backup”, “Backup”.
Deploy a robust email security solution – which will scan the attachments and the links in the email for suspicious activity.
Run an awareness campaign in the organization and educate all the users of such threats. No real security can be achieved without the cooperation and participation of the stakeholders as well as all the employees.
Engage with an IT service provider to ensure that the IT Security systems are maintained and ask them for reports on the IT infrastructure.