According to a recent report from Cisco’s in-house security firm Talos, blackhat hackers have been turning to various online forums, including the news aggregation website Reddit, to distribute the infamous ransomware known only as “Jigsaw” to thousands of users from across the web.
Two of the team’s researchers tasked with rooting the links out claim that Jigsaw used several different sub-forums on the site (known as “subreddits”), to trick users into clicking on links that would automatically download infected payloads onto their machines.
“A single Reddit user was associated with a large number of low volume posts to bitcoin-related subreddits, linking back to several of the domains we were investigating. For each post, the user in question cross posted to several other bitcoin related subreddits simultaneously. Additionally, we didn’t observe any other Reddit users posting links to these domains.” the pair say.
Somewhat ironically, the links were posted on subreddits with users who are normally the most concerned with online security, including r/Bitcoin and even r/CryptowallRemoval, a page dedicated (supposedly) to helping users combat ransomware that’s already been installed on their machine.
To ensure you’re as safe as you can be from ransomware and infected links, your best course of action is to put a VPN between your computer and the rest of the web. Head on over to our ProVPN signup page to get started with Proxy Server today!