
Halloween Fantom Ransomware Advice

Nic Esson Managed IT Support Services

Don’t let the Fantom menace haunt you this Halloween!

Fantom Ransomware is the latest type of malware to hit businesses hard. But even though it’s Halloween, you don’t have to let it freak you out…

Ransomware has evolved more quickly than defences can be developed, and scammers are continually inventing ways of extracting money from users desperate to regain their all-important data.

Fantom is more sophisticated than the hijacking attempts seen in the early ransomware attacks because it disguises itself as an official Operating System update before demanding cash for data.



What does Fantom do?
Fantom fools users by disguising itself as a critical Windows update then ‘kidnapping’ data.
It prevents the user from moving to another screen, then encrypts files. Once Fantom completes the encryption, the malware changes the desktop background and prompts users to pay a ransom. With this trick, there is no treat.

Why is Fantom so Dangerous?
This form of malware is so prevalent because it pretends to be a Windows Update … and all IT technicians know it’s an industry mantra that you should always keep your system up to date.

Where has Fantom come from?
Believe it or not, Fantom is open source and anyone can access and use it under the GNU Public License. It began as a toolkit for educational purposes. However, once it became common knowledge, those with dubious intent started modifying it for personal gain.


4 Steps to protect against Fantom Ransomware

1. Education
Ransomware continues to evolve, and the best line of defence is education. Sharing the knowledge of how to spot potential issues could prevent people falling prey to ransomware scams such as Fantom. However, constant reminders and re-education are required as new methods of attack and infection continually emerge. IT departments can help educate users by frequently reminding them to:
• Always look for warning signs, such as pop-ups and malicious attachments
• Never open emails from an unfamiliar email address
• Never disable or deactivate their antivirus program
• Never download unknown software
• Never click on any unknown attachment
• Never install programs from an unfamiliar source
• Check with IT if they are unsure about something

2. Keeping Up-to-Date
Ensuring operating systems, antivirus and anti-malware are up to date helps reduce the risk of malware attacks such as Fantom Ransomware.
An Operating System (OS) is normally weakened when vulnerabilities have been found within it that can be exploited; some call them Backdoors. A weakened OS is the starting point for any attack. Hackers prey on companies and individuals running out-of-date software, which gives them an easy way into the system. However, these vulnerabilities are normally fixed in the latest patch or update, so it is essential to keep your systems and protection current.

3. Backup
Backups are a necessary requirement when it comes to protection. Business and home users should ensure they back up their data regularly and consistently. This can be achieved in one of three ways:
• Manually
This is a method that many individuals and small businesses use, and can be as simple as a USB-connected hard drive. However, these pose a risk if they are never detached, as ransomware encrypts anything attached to the machine. It can even encrypt files on cloud drives such as Dropbox. If you use USB-connected drives, ensure that you have several USB hard drives, disconnect them after every backup and rotate them.
• Automated
Automated backup can also use USB drives, but will still pose the same risk if you are not physically disconnecting them.
• Remote and Automated
By far the most comprehensive and protective form of backup is a type of software that connects only when needed and backs up to Network Attached Storage (NAS) or cloud storage. This type of software actually does the job of backing up the files and, as the location cannot be written to directly, stops the Malware in its tracks. This type of backup is the most effective, but you do need to ensure that you keep a number of versions of those backed-up files in case encrypted files are also backed up (in this case, you would be able to recover from a previous backup).
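
The versioning caveat above, as an added example that is not part of the original article: a backup routine that writes a new version on every run and refuses to rotate out older versions when the new one looks mass-encrypted. The function names, the entropy thresholds and the sample files are assumptions made for illustration.

```python
import math, os, shutil, tempfile
from pathlib import Path

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte; encrypted data sits close to 8."""
    if not data:
        return 0.0
    counts = [0] * 256
    for b in data:
        counts[b] += 1
    return -sum(c / len(data) * math.log2(c / len(data)) for c in counts if c)

def looks_encrypted(snapshot: Path, bits: float = 7.5, share: float = 0.5) -> bool:
    """Heuristic (assumed thresholds): at least `share` of files are high-entropy.
    Compressed formats (zip, jpg, docx) also score high, so tune per data set."""
    files = [p for p in snapshot.rglob("*") if p.is_file()]
    high = sum(entropy(p.read_bytes()[:65536]) > bits for p in files)
    return bool(files) and high / len(files) >= share

def backup(source: Path, store: Path, name: str, keep: int = 3) -> bool:
    """Write a new version; prune old versions only if the new one looks clean."""
    snap = store / name
    shutil.copytree(source, snap)
    if looks_encrypted(snap):
        return False          # suspicious: keep every older version for recovery
    versions = sorted(p for p in store.iterdir() if p.is_dir())
    for old in versions[:-keep]:
        shutil.rmtree(old)
    return True

def demo():
    """Constructed data: three clean runs, then a run after files were scrambled."""
    root = Path(tempfile.mkdtemp())
    src, store = root / "docs", root / "store"
    src.mkdir(); store.mkdir()
    for i in range(4):
        (src / f"report{i}.txt").write_text("quarterly figures and notes\n" * 200)
    for n in ("v1", "v2", "v3"):
        backup(src, store, n, keep=2)
    before = sorted(p.name for p in store.iterdir())
    for f in src.iterdir():                      # random bytes stand in for encrypted files
        f.write_bytes(os.urandom(4096))
    ok = backup(src, store, "v4", keep=2)
    after = sorted(p.name for p in store.iterdir())
    shutil.rmtree(root)
    return before, ok, after

if __name__ == "__main__":
    print(demo())
```

A `False` return is the point at which to alert an administrator and stop rotation, since the older versions are then the only clean copies.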

4. Next-generation firewall
Many Next-Generation Firewalls now provide subscriptions to Malware and Anti-Virus lists. These firewalls can inspect a file or webpage for threats before allowing it to the user’s PC, potentially keeping machines out of harm’s way.

Taking Cybersecurity seriously is imperative for all businesses. With cybercrime and fraud costing nearly £11bn,* it should be at the top of every company’s list of priorities, especially with ever more sophisticated scams such as Fantom Ransomware posing a real threat to business and personal data.
The key is to protect your business before your users fall prey to a scam like this.

Don’t let this Fantom menace hold your data hostage at Halloween, or indeed any time of year.

Read more about MirrorSphere's Managed IT Support Services...

*according to the National Fraud and Cyber Crime Reporting Centre