INC Ransomware Threatens Data Leaks
INC is a form of ransomware designed to encrypt data and request payment in exchange for decryption. During our testing, this malicious program encrypted files and altered their filenames by adding a ".INC" extension. For instance, a file labeled "1.jpg" was transformed into "1.jpg.INC," and "2.png" became "2.png.INC."
Once the encryption procedure was completed, the INC ransomware generated a ransom note named "INC-README.txt." The contents of this note indicate that the malware's focus is on targeting companies rather than individual home users. The ransom note conveyed that the victim's company data, along with client information, has been extracted. The victim is granted a 72-hour window to initiate contact with the attackers. Failure to meet this deadline will result in the exposure of the pilfered data. The message further assures that the cybercriminals possess the capability to swiftly restore the encrypted files without any loss of data.
INC Ransom Note Threatens Leaking Stolen Data in 72 Hours
The complete text of the INC ransom note reads as follows:
Inc. Ransomware
We have hacked you and downloaded all confidential data of your company and its clients.
It can be spread out to people and media. Your reputation will be ruined.
Do not hesitate and save your business.Please, contact us via:
Your personal ID:
We're the ones who can quickly recover your systems with no losses. Do not try to devalue our tool - nothing will come of it.
Starting from now, you have 72 hours to contact us if you don't want your sensitive data being published in our blog:
You should be informed, in our business reputation - is a basic condition of the success.
Inc provides a deal. After successfull negotiations you will be provided:
- Decryption assistance;
- Initial access;
- How to secure your network;
- Evidence of deletion of internal documents;
- Guarantees not to attack you in the future.
How Can You Safeguard Your Sensitive Data Against Ransomware?
Safeguarding your sensitive data against ransomware requires a multi-layered approach that combines technical measures, security practices, and user awareness. Here are steps you can take to protect your data from ransomware attacks:
Regular Backups: Regularly back up your important data to an external source that is not connected to your network. This ensures that even if your data is encrypted by ransomware, you can restore it from backups without paying the ransom.
Update Software: Keep your operating system, applications, and security software up to date. Many ransomware attacks exploit known vulnerabilities, so timely updates can prevent these vulnerabilities from being exploited.
Use Reliable Security Software: Install reputable antivirus and anti-malware software. Make sure it includes real-time protection and ransomware detection features.
Email Safety: Be cautious when opening email attachments or clicking on links, especially if they are from unknown sources. Avoid enabling macros in email attachments unless you are sure of their legitimacy.
User Training: Educate yourself and your employees about safe online practices. Train them to identify phishing attempts, suspicious emails, and potentially harmful websites.
Network Segmentation: Segment your network to isolate critical data and systems from less critical ones. This can prevent the rapid spread of ransomware across your entire network.
Strong Authentication: Implement strong and unique passwords for all accounts and services. Consider using multi-factor authentication (MFA) wherever possible.
