[Sept 04, 2018]
A new ransomware has been found that encrypts only EXE files present in your computer including the ones presented in the windows folder, which typically other ransomware won’t do to ensure the operating system function correctly.
According to Bleeping Computer analysis, it scans the computer for the presence of .exe files to make it unusable. It also terminates the process related with Antivirus such as Kaspersky, McAfee, and Rising Antivirus.
The ransomware also encrypts the registry keys that associated with the EXE file to run every time when someone launches the application.
As with any other ransomware, it doesn’t show’s any Ransomed amount instead it asks victim’s to send an email to “firstname.lastname@example.org” for payment details.
Cyber Security Tips:
If you’re Infected:
- Disconnect the Network.
- Determine the Scope.
- Understand the version or Type of Ransomware.
- Determine the Strains of Ransomware.
- Use Strong Firewall to block the command & control server callbacks.
- Scan all your emails for malicious links, content, and attachment.
- Block the adds and unnecessary web content.
- Enforce access control permission.
- Take regular backups of your data.