Ransomware removal experts have cautioned users against a rising cyber threat known as NSB Ransomware. It is classified under the type of File Encoder Trojan. This ransomware effectively makes its victim a hostage.
Analysis of the NSB Ransomware
NSB Ransomware acts like other ransomware as it blocks access to the files of a system. NSB stands for “National Security Bureau”. Ransomware removal analysts unearthed it on July 20, 2018. It has been estimated that more than 30 PCs have been attacked by the NSB Ransomware. After its operation, it forces victims to pay money.
According to ransomware removal analysts, the ransomware not only blocks access to files but also destructs the internal components of a computer. Victims are given a decryption key in exchange for ransom to unlock their files.
The cryptographic algorithm used by NSB is AES (Advanced Encryption Standard). The ransomware also provides a message that contains its full form “National Security Bureau” after locking the screen of its users. The extension used for encryption is a default one. Ransom details are given in the form of white text that is located on the top of the screen.
The ransom amount like other ransomware campaigns is demanded in the form of the cryptocurrency, bitcoin. Currently, NSB’s general ransom amount is equal to 0.026 BTC or $200. The ransom note also contains a last date for the payment. Failure to comply with this deadline is threatened with the loss of data.
However, ransomware removal experts have dissuaded users to pay any amount of ransom as many people are unable to think properly in such attacks and pay hurriedly to procure access of their data. Experts have noticed that cybercriminals do not provide any decryption key to unlock files. Thus, a better strategy will be to strengthen one’s security as well as maintain regular backups.