Insights on the Capabilities of Three Politically-Themed Ransomware Campaigns

We all hear politicians’ names week over week – what policies they’re working on, new initiatives they’re implementing for their respective country, the list goes on. And now, we’re hearing about their names in a new context. Specifically, former U.S. President Barack Obama, current U.S. President Donald Trump, and Chancellor of Germany Angela Merkel all now have ransomware campaigns named after them. But just how effective are these politically-themed threats and how do they impact users? Let’s break it down.

Just recently identified, the Obama ransomware campaign is a bit non-traditional in its approach. The threat only targets specific files on a user’s computer and actually attempts to stop some anti-malware products from doing their job. What’s more – the malware also uses a victim’s device to mine for cryptocurrency. Said to be created by the same cybercriminal group behind the Obama ransomware, the Trump ransomware variant is similar in its capabilities to the Obama variant, but is not nearly as developed.

Now, the ransomware campaign named after German leader Angela Merkel encrypts files using an extension dubbed .angelamerkel. It also demands Euros when making its ransom demand, so it stays pretty true to theme.

In short, all these ransomware campaigns are unique in their capabilities and objectives, similar to the politicians they are named for. Now, with all these strains out in the wild, what are the next steps for users wishing to stay protected from a ransomware attack? Start by following these tips:

  • Do a complete backup. With ransomware attacks locking away crucial data, you need to back up the data on all of your machines. If a machine becomes infected with ransomware, there’s no promise you’ll get that data back – it could even become wiped entirely in some cases. Therefore, make sure you cover all your bases and have your data stored on an external hard drive or in the cloud.
  • Use decryption tools. No More Ransom, an initiative McAfee is a part of, has a suite of tools to free your data, each tailored for a specific type of ransomware. If your device gets held for ransom, start by researching what type of ransomware it is. Then check out No More Ransom’s decryption tools and see if one is available for your specific strain of ransomware.
  • Use comprehensive security. To be prepared for ransomware or any other type of cyberattack that may come your way, it’s important you lock down all your devices with an extra layer of security. To do just that, use a comprehensive security solution.

Want to learn more about Ransomware and how to defend against it? Visit our dedicated ransomware page.

Introducing McAfee+

Identity theft protection and privacy for your digital life

FacebookLinkedInTwitterEmailCopy Link

Stay Updated

Follow us to stay updated on all things McAfee and on top of the latest consumer and mobile security threats.


More from Internet Security

Back to top