A maioria Ludicrous ransomware em 2016 - Como, Tecnologia e Fórum de Segurança PC | SensorsTechForum.com
CYBER NEWS

A maioria Ludicrous ransomware em 2016

você está brincando comigo

Ransomware é vírus de computador mais odiava de hoje. Contudo, a destrutividade de cada ransomware depende de suas raízes. É parte de um ativo, altamente família ransomware sucesso periodicamente lançando novas versões? Or is it one of those oddly “shaped” viruses that could make you laugh (if it weren’t for the file encryption)?

We have been observing various ransomware viruses, and we can definitely say that some of them appear more… professional than others. The list you are about to encounter has gathered some of the less adept ransomware cases. How are they different than Locky e Cerber? It appears that these pieces were all “coined” by non-professional cyber criminals via the ransomware-as-a-service model. Just a look at their ransom notes is enough for you to determine the level of greatness of their creators.

Let’s not forget that malware-as-a-service has helped many willing souls turn to the Dark Side… ou, nesse caso, to the Dark Web.

Sem mais delongas, here are some of the funnier ransomware cases we have come across during our daily malware researches.


Hollycrypt Ransomware Demands Vodka

Hollycrypt is yet another cryptovirus based on the HiddenTear open source project. Each encrypted file will have the extension .Hollycrypt appended to it. It uses the AES encryption algorithm and demands Bitcoins or Vodka as payment:

stf-hollycrypt-ransomware-holly-crypt-hollyman37-virus-vodka-ransom-note-read-this-shit-message

FYI: HiddenTear and EDA2 are widely accepted as the first open-source ransomware coded for educational purposes. This idea quickly turned out to be fishy, as it didn’t take long for cyber criminals to exploit the code for malicious operations.

This is the Hitler-Ransonware!

Some ransomware were obviously coined by a) non-professional cyber crooks and b) non-English speakers with English as bad as the language skills of a Russian F-grader. The ransomware was still in development when it was uncovered by security researchers at AVG. Não obstante, the ransomware was still able to encrypt and even delete the compromised files. It could also cause a BSOD and lock the screen displaying an 1-hour deadline for the ransom to be paid. Most interestingly, the virus aimed to get users to purchase a Vodafone card for 25 Euros and add its code in a text box. And it also
displayed some quite poor English! Even ransomware is misspelled, as evident by the ransom note:

bsod-sensorstechforum-hitler-ransomware (2)


Decryptor Files Are Available at the Post Office!

A variant of the Troldesh/Shade ransomware family, apelidado Drugvokrug727 was spotted recently. The wallpaper placed on a compromised computer features a digital sketch of the main character from the movie “The Big Lebowski” – the Dude.

STF-Drugvokrug727 @ india-com-ransomware-cripto-virus-a-cara-a-big-Lebowski-desktop-screen-wallpaper

It may be a coincidence but this ransomware could really be called a “dude” as it didn’t specify a payment for its decryption key, and it also didn’t urge victims with a payment timeframe. Mais, Drugvokrug727 has already been decrypted by researchers!


Smash! ransomware Wants to Stab Your Files

The ransomware wants to be something it really isn’t – a deadly crypto virus that successfully encrypts files and is persistent to decryption. Em vez de, Smash! Ransomware is only capable of blocking access to various Windows processes and apps. Even though the ransom note screams violence and aggression, all it really turns out to be ismuch ado about nothing.

A vivid example of a poorly drawn ransomware:

smash-ransomware-mushroom-danger-omg-sensorstechforum


This Ransomware Is the Grandpa You Wish You Never Had!

DedCryptor appends the .ded file extension to encrypted files. If you didn’t know, ded means grandpa in Russian. Once the victim’s files are encrypted, DedCryptor would change the wallpaper with a message that features a vulgar and demonized photo of Santa Claus, making it all seem like a joke. Pelo visto, DEDCryptor is no joke as it demands 2 Bitcoin which amounts to 700 USD.

dedcryptor-stforum

Researchers believe that the ransomware may be a variant of the EDA2 open-source ransomware, suggesting the virus could have been posted for sale on deep web markets, thus generating more profit for the master minds of the operation.


Joke or No Joke, You Should Be Protected against All Ransomware

Plenty of people across the Internet have been victimized by ransomware.

A ransomware or any other malware attack should have an educational purpose, if nothing else. A successful attack should increase the user’s paranoia and should also make them a tad more careful with online activities of all types. The importance of regular data backups and appropriate data hygiene is bigger than ever. There is no joke here.

If you’re reading these lines because you were attacked by any of the above-mentioned ransomware viruses, have a look at the steps provided below. And remember the phrase:

Fool me once, shame on you, fool me twice, shame on me!”

Milena Dimitrova

Milena Dimitrova

Um escritor inspirado e gerenciador de conteúdo que foi com SensorsTechForum desde o início. Focada na privacidade do usuário e desenvolvimento de malware, ela acredita fortemente em um mundo onde a segurança cibernética desempenha um papel central. Se o senso comum não faz sentido, ela vai estar lá para tomar notas. Essas notas podem mais tarde se transformar em artigos! Siga Milena @Milenyim

mais Posts

Me siga:
Twitter

Deixe um comentário

seu endereço de e-mail não será publicado. Campos obrigatórios são marcados *

limite de tempo está esgotado. Recarregue CAPTCHA.

Compartilhar no Facebook Compartilhar
Carregando...
Compartilhar no Twitter chilrear
Carregando...
Compartilhar no Google Plus Compartilhar
Carregando...
Partilhar no Linkedin Compartilhar
Carregando...
Compartilhar no Digg Compartilhar
Compartilhar no Reddit Compartilhar
Carregando...
Partilhar no StumbleUpon Compartilhar
Carregando...