Malware News Karma ransomware bundles itself with free software downloads

Exterminator

Level 85
Thread author
Verified
Top Poster
Well-known
Oct 23, 2012
12,527
Another ransomware variant has recently been discovered, which pretends to be a freeware utility tool called Windows-TuneUp.

Dubbed 'Karma,' the crypto-malware was discovered by slipstream/RoL, a security researcher. The ransomware is one of many other malware that disguise themselves as legitimate software, this is of course in order to trick unsuspecting people into downloading them.

This time around, Karma masks itself as a utility program to optimize the Windows system. The program 'includes' tools like a disk cleaner, a RAM booster, a registry editor, and an unwanted software uninstaller. The user will be presented with performance statistics as well, making it seem even more real.

The program is bundled with other downloadable software from the internet. Through this, users get a hold of the program, which gets their system infected. A pay-per-install system is utilized within Karma, where an advertiser pays the publisher a commission for every install of free programs bundled with adware.

Once installed, Karma checks if it is running on a virtual machine. If this is affirmative, it then terminates. If not, it will start to connect to its command and control (C&C) server where it will retrieve encryption keys, scan all drives including those on a network, and then finally encrypt hundreds of file types. It will append a .karma extension to every file it encrypts.

Fortunately, according to Bleeping Computer, the C&C server has already been shut down. This means that if a user is infected, it will not start encrypting files as it cannot connect to its server.

Even though the ransomware is now inactive, this shows us how important it is to be careful about the things we download on the internet. Be wary as well with software that may seem too good to be true, as they could contain malware that could harm our computers.

Source: Bleeping Computer via Graham Cluley
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top