Snatch Ransomware’s sneak attack – Reboots PC into safe mode and encrypts

Published: 17 December 2019
Cybersecurity experts keep refining their defenses to stop hackers from stealing data. Yet hackers keep strengthening their offense by bringing more tricks into play. A new attack, ‘Snatch Ransomware’, has made quite a buzz in the IT space, making its way onto the list of nightmarish cyberthreats.

What exactly is Snatch Ransomware?

Snatch runs on its own on a Windows system, giving it elevated access. It runs sneakily under the name ‘SuperBackupMan’ and encrypts the user’s files. Snatch not only goes undetected by antivirus, it also steals data from the system. On reboot, the system starts in Safe Mode and Snatch takes over the system using a Windows component.

Researchers from Sophos, who found the Snatch ransomware, believe Snatch has been active since the summer of 2018. This trick of using Windows in Safe Mode is quite dangerous, and exploiting this Windows vulnerability is another growing threat that other cyber attackers may use to their advantage.
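A defender's check for the Safe Mode behaviour described above, as an added example that is not from the original article or from Sophos. It relies on standard Windows behaviour that the article does not state: a service starts in Safe Mode only if it is listed under the `SafeBoot\Minimal` or `SafeBoot\Network` registry keys. The script parses `reg query` output and flags service entries that match the ‘SuperBackupMan’ name or are missing from a known-good baseline; the sample output, the baseline and the `AcmeRemoteAgent` name are constructed.

```python
import re

# Constructed sample in the shape of `reg query ...\Control\SafeBoot /s` output.
SAMPLE_REG_QUERY = r"""
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt
    (Default)    REG_SZ    Service

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base
    (Default)    REG_SZ    Driver Group

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SuperBackupMan
    (Default)    REG_SZ    Service

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AcmeRemoteAgent
    (Default)    REG_SZ    Service
"""

# Constructed baseline, as if exported from a known-good image: (mode, name).
BASELINE = {("minimal", "appmgmt"), ("minimal", "base")}
WATCHLIST = {"superbackupman"}  # service name given in the article

KEY_RE = re.compile(r"\\Control\\SafeBoot\\(Minimal|Network)\\([^\\]+)$", re.I)
VAL_RE = re.compile(r"^\s+\(Default\)\s+REG_SZ\s+(.*\S)\s*$")

def parse_safeboot(text):
    """Return {(mode, name): default_value} for each SafeBoot subkey."""
    entries, current = {}, None
    for line in text.splitlines():
        if line.startswith("HKEY_"):
            key = KEY_RE.search(line.rstrip())
            # Any other key (e.g. the parent itself) resets the context.
            current = (key.group(1).lower(), key.group(2).lower()) if key else None
            continue
        val = VAL_RE.match(line)
        if val and current:
            entries[current] = val.group(1)
    return entries

def find_suspicious(text, baseline=BASELINE, watchlist=WATCHLIST):
    """Flag Safe Mode service entries that are watchlisted or not in baseline."""
    findings = []
    for (mode, name), value in sorted(parse_safeboot(text).items()):
        if value.lower() != "service":
            continue  # driver groups and other entry types are out of scope
        if name in watchlist:
            findings.append((mode, name, "watchlisted name"))
        elif (mode, name) not in baseline:
            findings.append((mode, name, "not in baseline"))
    return findings
```

Build the baseline from a clean image of the same Windows version, since the default set of Safe Mode entries differs between releases.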

What Next?

With Snatch sneaking its way into organizations, having better security is a must. Here are some ways to protect your organization from cyberthreats:

  • Ensure your remote access tools like VNC and TeamViewer are highly protected, as the Snatch team is looking for ways to hack into systems and is always on the lookout for vulnerabilities.
  • Having a VPN gives the network anonymity when accessing the Internet. Only users with VPN credentials should be able to access the network, which protects your data from criminals who want to break into it.
  • Implementing IAM in your organization is a must, as it provides the right access to the right people at the right time. It offers enhanced security through a multifactor authentication approach, preventing cyberattacks and protecting users’ data.
  • No matter how good your security is, if it’s not updated regularly it’s of no use, as the bugs aren’t fixed. So ensure your systems are regularly updated.

Finally, even after taking all these precautionary measures, there is still one more piece of advice that every organization must follow. It’s quite simple: educate everyone in your organization about the growing threats and security measures because, no matter how many security experts you hire, “security is everyone’s responsibility”.