security company cloudSEK It has found a new type of ransomware that acts completely differently from other similar cyberattacks: the new threat is a “good virus”.
Initially, Goodwill It acts like other ransomware: when it infects the victim’s computer, it encrypts files and blocks data access or computer use. That’s when its real action begins: instead of demanding ransom money, it asks the user to: do good deeds in the community.
In total, good deeds have three “steps”. Firstly donate clothes or blankets the second for the homeless is to pay meals to the needy in famous cafeterias, and the third is to provide financial assistance to the health care services of those who need it but have no money.
All this should be recorded. photos, sounds and videos, in addition to posts on social networks to prove their community actions and ask other people to do the same. Only then will the cybercriminals send the release key to the files in addition to sending a kind of “certificate” to the donor.
According to CloudSEK, GoodWill is a variant of another ransomware. Secret Tearis open source and can be customized for other attacks. Its origin has been traced back to an Indian digital security company, and the scam has been operating since March 2022.
So far, GoodWill has no confirmed victims. It’s worth remembering that security experts advise victims not to pay the ransom, or in this case, simply perform and record social actions to send evidence. There is no guarantee that the encryption will actually be recovered.
Source: Tec Mundo
