Jigsaw: The ransomware that wants to play a game with you

Discovering that you have ransomware on your PC or network is a nightmare. Discovering that you have ransomware on your PC or network that has a timer that deletes files as it counts down is a whole different story.

That’s exactly what a new strain of ransomware, ‘Jigsaw’, does. Inspired by the serial killer in the Saw movies, Jigsaw encrypts all of an infected PC’s files, but also sets a timer and deletes files every hour that the user delays paying the ransom.

The malware targets over 120 file extension types. Once the malware is activated, a screen with Billy the puppet (Jigsaw’s mouthpiece in the Saw films) tells the victim that they have 24 hours to pay a bitcoin ransom of $20-$200 (£14-£140) in order to decrypt their files.

After 72 hours, the ransomware deletes all the remaining files. A forced restart will cost the victim 1,000 files.

There’s a fix

Thankfully, this torture has a more fortunate ending than the ones in the Saw films. Security researchers have found a way for victims to recover their files and remove the ransomware. A guide is available here.

Phishing, again

It’s not exactly surprising that this ransomware is spread via spam, is it? Why would criminals use another avenue when there are people all across the globe who still don’t understand that there isn’t a prince in Nigeria who wants to give them all his wealth?

This ransomware adds to an already incredibly long list of reasons you need to ensure your staff know how to avoid falling victim to spam emails. Can your organisation afford to lose its files, and the time needed to recover them? Book your staff onto IT Governance’s phishing staff awareness course.