In a unique way to support protesting farmers in India, cybercriminals have launched a new ransomware attack in the country that does not ask for money but justice for the community, conveying a message that no data will be recovered until the demands of the farmers are met, a new report revealed on Wednesday.
The ransomware is designed to target entities connected with farmers’ protests in India, with the hacker group titled Khalsa Cyber Fauj reported to be leading this attack in the country.
Quick Heal Security Labs, the threat research and response division of global cybersecurity firm Quick Heal Technologies, said it has discovered the ransomware named “Sarbloh”, which is being distributed through malicious word documents via emails, containing a political message supporting the farmers’ community.
“The latest Sarbloh ransomware that appears to be working in the favor of farmers without any monetary grains is a testimony to their growing attack abilities,” said Himanshu Dubey, Director, Quick Heal Security Labs.
Surprisingly, threat actors through this new attack technique are infecting user devices by encrypting their files without asking for a ransom, which is usually the key objective of any ransomware.
“Khalsa Cyber Fauj is using military-grade encryption on system files to turn them useless,” the company mentioned.
The news came as apart from intensifying the agitation at Delhi’s borders, farmers are now trying to strengthen the stir against the Union farm laws on social media platforms as well.
Farmers have been protesting against the various newly enacted Union farm laws since November 26, 2020, at various borders of the national Capital.
“Threat actors have constantly demonstrated innovation through their evolving attack strategies. We will continue to analyze the threat environment and deploy safety measures for our users,” said Dubey.
The company advised users not to download any attachment that comes from unknown emails and messages.
“Avoid clicking on unverified links and those found in spam email. Besides, practice backing up the data so that it can be recovered in case of compromise, and keep updating antivirus solutions to stay protected,” the company said.
