Cyber criminals spare those who have their keyboards in Russian, is this the beginning of a strategy?

Cyber criminals spare those who have their keyboards in Russian, is this the beginning of a strategy?

May 22, 2021 Off By admin

Today, officially, everyone knows that Russian hackers tend to spare companies that operate within their state.

Even Russian companies that operate across borders. The aim is, of course, to be able to take advantage of the laissez-faire offered by the Russian state. In this context, some COMPUTER security experts advise companies to convert their devices into Russian language to be spared this surge.

"Try this weird trick that Russian hackers hate," says journalist Brian Krebs. On May 17, he published in his blog post, a trick that consists of turning the content of his Windows keyboard into a Russian language. The aim is to make the device look like a computer tool used by a Russian company or entity. In which case, if the Russian malware detects the language of use, it will then spare the targeted computer device. The journalist assumed in his development that this trick is likely to improve the protection of the system by abusing the system itself, even though it does not guarantee anything in practice.

This article will also interest you: Six Russians linked to Kremlin military intelligence indicted in the United States for major cyberattacks

However, our reporter proposed in a very simple way to deploy his tricks:

– First there is the possibility to download for free the virtual keyboard provided by Windows in several languages of countries that are usually spared by the malware of hackers. However the disadvantages of this manipulation are to push the user has switched totally to a keyboard purely as a result of mishandling. This will make the use of the computer tool very difficult.

– For the second, download simple script. This script has the functionality of applying Russian registry to the computer device without necessarily having to download a Russian virtual keyboard.

When journalist Brian Krebs published his blog post, several experts reacted to the event, namely the technical director of cybersecurity firm Emsisoft, one of the companies most mobilized in the face of the ransomware attack. Experts criticize the trick in some respects: "In the ransomware research team, we often joke about what new 'innovative' way we will be presented as the next big solution against ransomware. One of the recurring running-gags of the last 8 years has just been turned into a real recommendation recently: change the layout of your keyboard to Russian. ».

According to the computer security specialist, it is not the so superficial change that will alter the ability to automatically detect malware. "Unless you really want to use your computer in Russian with a Russian keyboard, you'll still get attacked," he says. 

In addition, Emsisoft specialists point out that what kind of command is easy to disable just 1 click away. It will just be enough for hackers to realize the company is indeed non-Russian.

He adds that in the case of a ransomware computer attack, the trick will serve him no good at all because once the malware is in the system a simple command cannot prevent it from doing what needs to happen.

"The hackers behind the ransomware will know everything about your business. They will know quickly and definitively whether you are a real Russian company or not," concludes Wossar, Emsisoft's technical director.

Beyond all the criticism, the journalist wishes to defend his position in every way: "Is there really a disadvantage in adopting this simple, free, prophylactic approach? (…) The worst that can happen is that the user accidentally passes the options of his menu in Russian."

The latter acknowledges that in the majority of cases it is the trick to not functioning, there is no denying that in a certain minority it may well have a well-defined scope.

The fight against ransomware attacks has intensified a lot in recent days. This is clearly understood when we see how cybercriminals are also intensifying their cyberattack.

Now access an unlimited number of passwords:

Check out our hacking software