Not that long ago, the online community was baffled by the emergence of the notorious Locky virus, which is still one of the most prominent threats in the ransomware league today. This cyber threat has infected hundreds of thousands of computers and made millions of dollars, but none of that seemed to satisfy its creators’ greed. Since then, the virus has grown into a widespread network of malicious infections which go under different names but essentially work by the principles set by their infamous predecessor. However, new ransomware versions have started to emerge, and some of them come close to undermining the undisputed status of the Locky virus itself. Zepto virus was one of the initial Locky versions that made virus experts view it as an isolated threat and not some kind of derivative. The virus is just as complex as Locky, uses the same encryption algorithm and is most probably distributed via the same malicious spam campaign. But the recently released ODIN virus is, at this time, Locky’s most serious competition.
ODIN has become especially active in the last couple of weeks. Currently, Europe is the region where the ransomware is spreading most rapidly, although Asian countries and the US show quite large numbers of affected computers as well. Interestingly enough, the Russian Federation has the smallest infection rates, which again gives proof that the virus is most likely the work of Russian hackers. Regardless of its origin, the virus is capable of ravaging any computer, given the right conditions. In fact, just earlier this month, ODIN locked 20 computers in Honolulu’s Fire Department, halting the department’s administrative affairs and communication. Fortunately enough, the dispatch system and firetruck computers were running on a different network, so the emergency response was not interrupted. The encrypted administrative data was also restored from backups, so the station was up and running the following day.
Such events only prove how fragile our organizations and infrastructures actually are. They should encourage the authorities of other public institutions to take cyber security more seriously and invest in stronger defense and data backup mechanisms, and private users should do the same on their home networks. If you have already been infected with ODIN, we recommend keeping an eye on websites like decrypter.emsisoft.com or nomoreransom.com. These online projects are working against ransomware and will be the first ones to release free data decryption tools.