Of late, a new ransomware has made its way through Word documents claiming to contain a political message in support of farmers protesting at Delhi borders against the farm laws. Security firms such as Malwarebytes, Cyble, and QuickHeal have admitted to the presence of this ransomware. Interestingly, the ransomware bucks the trend and doesn’t ask for money but seeks justice for farmers.
Thousands of farmers have been protesting along the Delhi border since November 26. These farmers, especially from Punjab and Haryana, are on a sit-in, demanding a complete rollback of three farm laws and a guarantee on the minimum support price (MSP).
What does the term ‘Sarbloh’ mean?
Sarbloh, or wrought iron, is the metal used in the bowl used by Guru Gobind Singh Ji to make ‘amrit’ during the Khalsa initiation ceremony. Khanda, the double-edged knife or sword, is made of Sarbloh. Till date, Amrit Sanchaars are conducted using a bowl and ‘Khanda’ made of ‘Sarbloh’.
What is ransomware?
First, let’s look at what ransomware is. In simple terms, it’s a form of extortion. Hackers use malware or malicious software to take your computer data hostage by encrypting or locking all the data on any system using a strong encryption key, and then demand money to release the data. It’s akin to locking a door with the keys being in the hacker’s possession. To let you open the door, the hacker seeks ransom. The most popular way to spread ransomware is by sending phishing emails.
How does the Sarbloh ransomware affect your files?
The ransomware, once downloaded, encrypts the files on your computer with the extension .sarbloh. It also shows a ransom note. The beginning of the note reads: “Your files are locked. Your files are gone. They will not be recoverable until the demands of the farmers have been met.”
The group that has claimed responsibility for the ransomware, Khalsa Cyber Fauj, claims to use military-grade encryption on the files in your system, making them useless.
How can you prevent your PC / laptop from getting infected with the Sarbloh ransomware?
The primary source of the malware is emails. So, you have to be extra cautious while handling your emails.
Install anti-virus software, if you don’t have it.
In case you don’t recognise the sender of an email, don’t ever download attachments from such emails.
Don’t make any payment or provide your OTP or any password to anyone for such information on email. Just mark such emails as spam. You won’t get them in your inbox anymore.
(Edited by : Abhishek Jha)