Obscura is a fresh edition of ransomware, but its name is fitting a bit, because it is unusual and not massively known. It doesn't have highs of LockBit or Conti. However, that does not mean it should be thrown in the trash like a lot of others. I remember reading about this one and I thought, "Great, here's another new nightmare." However, this one has a twist.
Have you thought about why hackers are doing that? That is simply the hacker saying: "We got you!"
• Fake emails that have links or attachments.
• Hacked websites that cause you to download the ransomware.
• Weak passwords or old software that no longer gets patches.
These tricks are old, which mean they still work because people keep doing them.
So what?
You might think, "Okay, it's just another ransomware, right?” The main issue is that a new ransomware is not going to get past Windows Defender and other anti-viruses because it hasn’t been recognized, yet.
Now imagine having to explain to your boss that every file that your company has ends with “.obscura.” Yikes.
• Back up files consistently and back up offline.
• Upgrade your operating system, and software so hackers cannot use exploit to attack you from outdated software.
• Update passwords - every account should require a unique, strong password.
• Don't click on any emails or links that look - weird.
My practice is two backups - one backup is in the cloud and another is a USB backup. If I get hit with ransomware, I reset my compuer, and restore my files, without paying the ransom.
So be prepared and use backups and keep your devices updated with the latest versions - it is always better to prevent an infection of malware or ransomware then it is to clean it up afterward. Now you can see - Obscura is no longer just a fancy word - it is the hacker's way of saying, "We were here."
So what is Obscura doing?
Like every ransomware-type virus, it locks your files and asks for money to be unlocked. However, Obscura is doing something strange; it takes the files and changes each file name and adds ".obscura" to the end; for example: "report.docx" would be transformed into "report.docx.obscura."Have you thought about why hackers are doing that? That is simply the hacker saying: "We got you!"
How does it spread?
While we don’t know for sure, it is likely Obscura spreads like most ransomware:• Fake emails that have links or attachments.
• Hacked websites that cause you to download the ransomware.
• Weak passwords or old software that no longer gets patches.
These tricks are old, which mean they still work because people keep doing them.
So what?
You might think, "Okay, it's just another ransomware, right?” The main issue is that a new ransomware is not going to get past Windows Defender and other anti-viruses because it hasn’t been recognized, yet.
Now imagine having to explain to your boss that every file that your company has ends with “.obscura.” Yikes.
How do you protect yourself?
Here are some easy strategies:• Back up files consistently and back up offline.
• Upgrade your operating system, and software so hackers cannot use exploit to attack you from outdated software.
• Update passwords - every account should require a unique, strong password.
• Don't click on any emails or links that look - weird.
My practice is two backups - one backup is in the cloud and another is a USB backup. If I get hit with ransomware, I reset my compuer, and restore my files, without paying the ransom.
As a summary
Let's keep it simple: Obscura is a new form of ransomware that encrypts your files and adds the suffix file extension, ".obscura." Although it is not widely known, it is damaging nonetheless.So be prepared and use backups and keep your devices updated with the latest versions - it is always better to prevent an infection of malware or ransomware then it is to clean it up afterward. Now you can see - Obscura is no longer just a fancy word - it is the hacker's way of saying, "We were here."
Last edited:
