Author Archives: Sarah Stewart - Page 29

Malware experts agree: LIGMA Ransomware could become a serious threat. At this time, the infection is not complete, and its distribution is unlikely to have started. Of course, if you encounter it, you must remove it without further delay because it appears to have been created to encrypt files. Our research team at Anti-Spyware-101.com has found that the infection is programmed to encrypt 224 different types of files, which include documents, photos, archives, songs, videos, shortcuts, etc. The infection does not encrypt system files, and there is no point in doing that because the operating system can be reinstalled. On the other hand, when personal files are encrypted, their owners are more likely to accept the requests of cyber criminals just to get them back. The strange thing is that the infection in its current state does not make any requests. This isn’t bad news because even when victims have the opportunities to pay ransoms, they should not do it because cyber criminals are unlikely to give anything in return. All in all, even if it is not spreading yet, we want to show how to delete LIGMA Ransomware in case it strikes unexpectedly. Read more »

We could not call KCTF Locker Ransomware a real threat because research has revealed that it has been developed for a competition. Specifically speaking, someone has developed it for the CyberSecurity Capture The Flag event. It was not distributed by cyber criminals at the time of analysis. We do not know whether this threat will ever be used as a tool to obtain money from users, but we still want you to know about it. Theoretically, new ransomware infections might be developed on its source code, or crooks might borrow this threat, update it a little, and then start distributing it with the intention of obtaining money. It does not really matter which version of this threat you encounter because you cannot keep any malicious application installed on your computer. Even the tiniest infection must be deleted from the system right away because you cannot know what it will evolve into. If nothing changes, it will be a piece of cake to remove this program from the system. Unfortunately, no files will be unlocked if they have already been encrypted no matter you delete KCTF Locker Ransomware manually or scan your system with an antimalware scanner to clean it. Read more »

Suri Ransomware locks all files on the victim’s Desktop with AES encryption algorithm and marks them with the .SLAV extension. If you see this extension at the end of your files' names you should have a look at the rest of the article to learn more about the threat you came across. In this article, we will discuss its possible distribution channels, its effective manner, and the methods you could employ to get rid of it. Moreover, just slightly below the report, we will add instructions showing how to remove Suri Ransomware manually. Naturally, if you do not think you can deal with the malicious application on your own, you could use a legitimate antimalware tool instead. Also, users who have some other questions about the infection or need more guidance with its deletion could place comments at the end of this article. Read more »

Kraken Cryptor Ransomware might ruin a lot of user’s personal files if it manages to sneak in. The malicious application damages its victims’ data by encrypting it with a robust cryptosystem. It means the files that get enciphered become useless without particular decryption tools. Since the threat is a tool for money extortion, it should show a warning message or a ransom note suggesting the user makes a payment to receive the needed decryption tools. What it is important to realize is that you cannot hope for guarantees or refunds when dealing with cybercriminals, which means by paying the ransom you would be gambling with your money. If you do not want to risk being tricked, we think it would be wiser to get rid of Kraken Cryptor Ransomware. To learn how to remove it manually, you could use the instructions available below, and if you wish to find out more details about the threat first, you should read the rest of the text first. Read more »

Princess Evolution Ransomware is a new threat promoted on underground forums as RaaS (Ransomware-as-a-Service). In other words, anyone interested can join cyber criminals and start distributing this malicious application in exchange for 60% of all the payments received. This may sound like a tempting offer, so we bet the ransomware developer will find some “business partners”. As a consequence, it has a potential of becoming a prevalent threat. Anyone can encounter ransomware no matter where they live. Of course, malware usually affects those computers that are unprotected, i.e. with no security software installed on them. We hope that you will not fall victim to Princess Evolution Ransomware, but if it is too late for prevention, i.e. the ransomware infection has already locked almost all files on your computer, its complete removal is what you should do in the first place. Once the infection is removed from the system fully, you could think about the decryption of files. Sending money to malicious software developers is not what we have in mind here. Read more »

At the moment, TotalWipeOut Ransomware cannot wipe out your personal files, but it is built as a file-encryptor, and so it would be a mistake to underestimate this infection. Anti-Spyware-101.com research team has recently obtained a sample of this malware, and it was tested in our internal lab. The conclusion: It is not a threat yet, but it could be upgraded to attack Windows systems and encrypt files. This is why we must discuss this threat and, of course, its removal. If you do not know what to think about this infection, and you have no idea how to get rid of it, you should keep reading this report. We show how to delete TotalWipeOut Ransomware from the operating system, and we provide you with tips that should help you keep malicious infections away in the future. Don’t forget that while you might be most interested in eliminating the ransomware at this point, it is crucial that you take into account that securing your operating system is the most important task. Read more »

After taking a closer look at Jeff Ransomware, our researchers concluded it is probably still being developed. Therefore, we doubt the malware could be spread among a lot of users. Nonetheless, we believe it is essential to learn about it just the same in case it gets upgraded and becomes a serious threat. In the article, we will explain why we believe it not yet finished and talk about its working manner. Moreover, users who are interested in how it could be erased will find instructions showing how to do so manually. Of course, if you encounter an updated version of Jeff Ransomware, it might act differently, and the provided deletion guide may not help you remove it completely. For this reason, it might be best to use a legitimate antimalware tool that could take care of the malicious program with no trouble. Read more »

DBGer Ransomware is a malicious program that may attack computers vulnerable to the so-called EternalBlue exploit. If the malware succeeds and settles in it should encipher user’s photos, documents, and other personal files with a secure encryption algorithm. As a result, the device should be unable to recognize modified files. Meaning, the only way to access them is decrypting them. Sadly, the only ones capable of deciphering data encrypted by DBGer Ransomware is the hackers who created it, and they ask for around six thousand US dollars for such services. Naturally, if you do not have so much money to spare, or do not want to risk being scammed; we would advise ignoring the malware’s displayed ransom note. For more information about the threat and the ways it can be erased, you should read our full article. Read more »