Ramsay: a New Threat That Seeks to Steal Word, PDF and ZIP Files

Ramsay joins the long list of threats that we can encounter when browsing the Internet. It is a new piece of malware that puts users' security at risk. In this case, we are dealing with a threat that can steal our Word, PDF or ZIP files. We explain how this new malware can infect us and what we can do to protect our security and avoid becoming a victim.

Ramsay, the new threat that steals files

There are many varieties of malware on the net, and many types of viruses that can compromise our systems. Some are designed to steal information; others can affect proper functioning, open back doors, collect passwords and so on. In this case, Ramsay is malware that aims to steal Word, PDF or ZIP files.

A group of security researchers has discovered this new threat circulating on the network. As they have indicated, it is possible to get infected through a file with the RTF extension. This is a format that was developed by Microsoft in 1987 for cross-platform file sharing.

Specifically, it was the computer security company ESET that discovered this new threat. They indicate that they have detected three variants, although so far few victims have been documented.

The first of these variants may have been in circulation since September 2019. It was a simpler version, and the following two were more elaborate. These two variants appeared at the end of March.

According to the researchers, to get into systems the malware takes advantage of two vulnerabilities registered as CVE-2017-0199 and CVE-2017-11882. These two security flaws allow arbitrary code to be executed.

Furthermore, in another of the more elaborate variants, the malware masqueraded as an installer for the 7-zip file compression tool.

As we have indicated, Ramsay's main objective is to steal files from the infected computer. It searches for Word, PDF and ZIP files on the system, network drives and removable drives.
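As an added example (not code from ESET or from the original article), here is a first-pass triage for the RTF delivery route described above. It lists OLE-related control words in a file and flags two patterns associated with the CVEs mentioned: an auto-updating linked object (CVE-2017-0199) and an embedded Equation Editor class (CVE-2017-11882). The function names, the sample bytes and the heuristics are assumptions, and obfuscated RTF is not handled.

```python
import re

# RTF control words that embed, link or auto-update OLE objects.
OLE_WORDS = (rb"\object", rb"\objemb", rb"\objdata", rb"\objautlink", rb"\objupdate")
# OLE class name of Equation Editor, the component affected by CVE-2017-11882.
CLASS_MARKERS = (b"equation.3",)

def decode_objdata(rtf):
    """Hex-decode each \\objdata payload (plain hex only, no de-obfuscation)."""
    blobs = []
    for m in re.finditer(rb"\\objdata(?![a-z])([^{}\\]*)", rtf):
        hexchars = re.sub(rb"[^0-9A-Fa-f]", b"", m.group(1))
        hexchars = hexchars[: len(hexchars) // 2 * 2]  # drop a trailing odd nibble
        blobs.append(bytes.fromhex(hexchars.decode("ascii")))
    return blobs

def triage_rtf(data):
    """Return the OLE indicators found in one file's bytes."""
    result = {"is_rtf": False, "control_words": [], "classes": [], "suspicious": False}
    if not data.lstrip().startswith(b"{\\rt"):
        return result
    result["is_rtf"] = True
    words = [w.decode() for w in OLE_WORDS
             if re.search(re.escape(w) + rb"(?![a-z])", data)]
    classes = sorted({c.decode() for blob in decode_objdata(data)
                      for c in CLASS_MARKERS if c in blob.lower()})
    # A linked object that refreshes on open is the pattern tied to CVE-2017-0199.
    auto_link = "\\objautlink" in words and "\\objupdate" in words
    result.update(control_words=words, classes=classes,
                  suspicious=auto_link or bool(classes))
    return result

# Constructed samples (harmless): they carry only the markers, no exploit content.
SAMPLE_EMBED = (b"{\\rtf1{\\object\\objemb{\\*\\objdata "
                + b"\x01\x05\x00\x00Equation.3\x00".hex().encode() + b"}}}")
SAMPLE_LINK = b"{\\rtf1{\\object\\objautlink\\objupdate{\\*\\objdata 0105}}}"
SAMPLE_CLEAN = b"{\\rtf1\\ansi Plain text only.}"

if __name__ == "__main__":
    for name, sample in [("embed", SAMPLE_EMBED), ("link", SAMPLE_LINK),
                         ("clean", SAMPLE_CLEAN)]:
        print(name, triage_rtf(sample))
```

A hit only means the document deserves a closer look in an isolated environment; legitimate RTF files can also contain embedded objects.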

How to avoid becoming a victim of this problem

It is very important that we take steps to avoid falling victim to this problem. The goal is not only to prevent Ramsay malware from entering our computer, but any similar threat.

A basic step is to have security tools installed. A good antivirus can prevent the entry of malware that puts our systems at risk. But beyond an antivirus, we can also make use of other kinds of software designed to protect us.

In addition, something we cannot do without is having the latest versions and patches installed. It is very important to correct possible vulnerabilities that may be in the systems. We accomplish this by installing available security updates.

Last, but perhaps most importantly, common sense is vital. Many threats require user interaction, for example downloading a malicious file that we have received by email, clicking on a link that could be a threat, etc.