We are issuing a warning to businesses to be on the lookout for the “GlobeImposter” or “Fake Globe” ransomware virus, which is once again making headlines. This variant of the ransomware virus has become part of a large-scale email-based campaign that manages to slip past the defenses of some unsuspecting companies.
GlobeImposter, also known as Fake Globe, is distributed through a malicious spam campaign. This can be spotted by it’s a lack of message content and an attached ZIP file. This type of spam is known as “blank slate”. It can also be distributed through exploits and malicious advertising, fake updates, and repacked infected installers.
As with all ransomware, GlobeImposter encrypts the victim’s files, making them irrevocable without payment. Most ransomware has a built-in file extension filter that will leave executable files intact. This variant, however, encrypts all executable files, rendering the system unbootable as a result.
It is vital that we properly educate our clients and provide the right tools to minimize the serious risk at hand.
While antivirus and firewalls are incredibly effective in reducing risk, you need a more robust security solution in place to defend against the increasingly dangerous threat landscape. To be fully protected, companies will need a proper, reliable backup and disaster recovery (BDR) solution with online and offline backup solutions as the ultimate failsafe against successful attacks.