Jigsaw to Odin: Ransomware inspired by Pop Culture

Jigsaw to Odin: Ransomware inspired by Pop Culture

Ransomware authors have been having a merry time throughout 2016. And the onslaught continues.

As is common knowledge by now, Ransomware is a malware that infiltrates Systems and devices via downloads/emails/websites and encrypts user’s data files. The malicious program then asks ask for a ‘ransom’ from the user(s) in exchange for a decryption key for the locked files.

Of late, Ransomware creators have increasingly been taking reference from pop culture. The latest to join the bandwagon is ‘Odin’ Ransomware, the updated version of Locky. But before going into how Odin works, here’s a brief recap of others taking a cue from popular movies and comics:

Jigsaw

 

Jigsaw ransomware

Possibly the first Ransomware to start this interesting nomenclature was Jigsaw. It was named – rather obviously – after the diabolical and sadistic mastermind in the Saw series. The films went on to become a ‘cult’ within lovers of the torture porn/horror genre.

The Jigsaw Ransomware was first spotted in April this year. Much like the villain its named after, Jigsaw taunted victims with lines like ‘I want to play a game with you’. It prayed on people’s fear of not only losing data permanently but also threatened to publish their personal files on a public domain, if they failed to pay up. Eventually, a decryption key was created to tame Jigsaw.

Also Read: Jigsaw Ransomware’s Terror – Save Your Data Before it Deletes

Fantom

Many of us who grew up in the 80s and 90s would remember the purple spandex clad vigilante-superhero Phantom. He might be a ‘forgotten hero’ today, but 90s heartthrob Billy Zane did a movie called ‘The Phantom’ way back in 1996. Fantom could also possibly be a reference to the disfigured anti-hero in Phantom of the Opera, the well-known French Gothic Horror novel, which was later turned into a film of the same name.

Fantom

Jakub Kroustek, a malware researcher at AVG was the first to discover Fantom in late August. It had an interesting mechanics to cheat victims out of their data. It operated – much like a Phantom – behind a fake Windows Update dialogue box. By the time users figured out the trick, their Systems would already be infected by Fantom.

Nagini

 

Nagini ransomware

This one pays a direct homage to Voldemort, the villain in the wildly popular Harry Potter series. The Ransomware is named after Nagini, the pet snake who devours anyone the evil Wizard has an enmity with.

Although it was in testing mode in late September, the Ransomware asked for Credit Card details for payments instead of the bitcoin, the standard ransom currency.

Odin

 

Odin Ransomware

Of all the Ransomware strains detected during the last two weeks, Odin is the most worrisome. Odin is Thor and Loki’s Father. Marvel fans would be all too familiar with these names.

Odin is the re-invention of the Locky/Zepto strain of Ransomware. It works more or less like Locky, although the infected file extensions become ‘.odin’.  However, Odin-hit files can be decrypted.

There is no specific ‘cure’ or even a ‘blocker’ for Ransomware attacks. But cyber security professionals usually come with decryption keys which are distributed free of charge to help victims. However, the best possible solution to not let Ransomware bother you is to back up your important files on a safe and secure server.

You can try using Ransomware Protector to that end. It’s a secure cloud service backup with unlimited storage plans. For more details on this service, visit www.ransomwareprotector.com.

What do you think of this mish mash between pop culture and one of the most widely spread Cyber threats of this decade? Let us know in the comments below.

Gargi Sengupta

Gargi is working with Systweak Software as Content Editor and Strategist. She believes Technology laced with Pop Culture, makes for an interesting combination. Beyond her work space, she fancies herself as a left-brained, right leaning conscientious individual with a weakness for good food, films, and fiction.

Leave a Reply

Your email address will not be published. Required fields are marked *

five × five =