What is the 'trick' that can dismiss Russian hackers for free?
DarkSide hacker group, which launched a large-scale ransomware attack that shuts down America's largest oil pipeline for several days, are becoming a global threat. The security information site KrebsOnSecurity explained the defense method that has been pointed out to be effective against such Russian hackers.
The activities of Russia-based hackers, such as the
Try This One Weird Trick Russian Hackers Hate – Krebs on Security
The method advocated by KrebsOnSecurity to avoid malware originating in Russia is to 'install a Cyrillic keyboard on a PC'.
Russian law enforcement officials do not investigate cybercrime unless domestic corporations and individuals accuse the damage, so Russian hackers are very careful not to leave their country victims. Therefore, by installing a Russian keyboard and disguising it as a PC owned by a Russian, it seems that you can easily prevent malware damage from Russia.
In fact, the ransomware 'DarkSide' of the same name used by the aforementioned DarkSide is no longer working on systems in Russia and its neighboring countries. Below is a list of languages that DarkSide cannot encrypt files, as revealed by security company Cybereason by analyzing ransomware. In addition to Russian, Latin letters, Ukrainian, Georgian, etc. used in Azerbaijan and Uzbekistan are listed.
For this reason, security expert Brian Krebs, who runs KrebsOnSecurity, said, 'DarkSide ransomware, like many other ransomware, will not be installed on systems that have Cyrillic keyboards installed. So, if you want to protect yourself from these damages, why not install a Russian keyboard? '
Pro tip for the 'but how do we protect ourselves?' folks. DarkSide ransomware, like many other strains, will not install on systems where certain Cyrillic keyboard and other scripts are already installed. So, install the Russian keyboard. You don't have to use it.— Briankrebs (@briankrebs) May 11, 2021
Alison Nixon, chief investigator of the cyber research firm Unit221B, interviewed by KrebsOnSecurity, said, 'By installing a Cyrillic keyboard and changing the language of certain registry items to'RU'. You can convince the malware that it's a Russian PC and keep it out. This technique is technically a vaccine against Russian malware. '
The procedure to actually install the Russian keyboard on your PC is as follows. First, open the settings from the start menu ...
Click Time and Language.
Select Russian and click 'Next'.
Click 'Install' to start the installation.
When the installation is complete, the following will be displayed.
If the input is switched to Russian after installation, you can switch the keyboard by pressing the 'Windows key' and 'Space key' at the same time.
However, this method is not a panacea. This is because there are many malware and ransomware that attack indiscriminately, whether or not they are Russians.
Also, in the past, a defense method was used to disguise a PC as a virtual environment, taking advantage of the fact that 'malware stops functioning when a virtual environment is detected in order to avoid analysis by a security company'. However, with the increasing popularity of virtual environments, this method has become ineffective. Similarly, the technique of installing a Russian keyboard is thought to be a countermeasure in due course if many people use it.
In this regard, KrebsOnSecurity said, 'There is no alternative to taking a thorough defense and being careful not to take dangerous actions online. However, the free approach of installing a Russian keyboard is not a good idea. It is certain that there are no disadvantages other than inadvertently making the menu all in Russian and making me feel miserable. '
in Security, Posted by log1l_ks