Home Malware Programs Ransomware ‘.uzltzyc File Extension’ Ransomware

‘.uzltzyc File Extension’ Ransomware

Posted: February 8, 2016

Threat Metric

Threat Level: 10/10
Infected PCs: 89
First Seen: February 8, 2016
OS(es) Affected: Windows

The '.uzltzyc File Extension' Ransomware is an encryption Trojan sometimes associated with the PRISM 'Your Computer has been locked!' Ransomware and similar attacks. In addition to modifying files with an encryption routine that stops other programs from opening them, this threat may lock your desktop, display fraudulent legal alerts or demand money in exchange for a decryption solution. However, malware experts always encourage using a 'cheap' solution to such attacks: deleting the '.uzltzyc File Extension' Ransomware with anti-malware software and, then, restoring any damaged files through uncompromised backups.

The Surveillance that's Interested in Your Files

File encryptors come in a rainbow of formats, starting with minimalist threats that conduct the bare bones of attacks to accomplish a ransomware campaign, and ending with sophisticated products using supplementary attacks to all but force victims into paying. The '.uzltzyc File Extension' Ransomware is a new file encryptor most closely aligned with the second side of the spectrum. The '.uzltzyc File Extension' Ransomware does include the usual, visible changes of encrypted file names (appended with the 'uzltzyc' extension, an extension unrelated to known file formats). However, it also may launch other attacks simultaneously, such as:

  • The '.uzltzyc File Extension' Ransomware may block other programs from starting.
  • The '.uzltzyc File Extension' Ransomware may delete local backup data such as the default restore points of Windows Oses.
  • The '.uzltzyc File Extension' Ransomware may lock your desktop to display a fake warning message with the branding of the US National Security Agency, or load a browser pop-up with similar content.

However, all of these features are complementary for the '.uzltzyc File Extension' Ransomware's primary payload: modifying files by rearranging their internal data (a process referred to as encryption) and then selling a decryption service to the victims. Although most file encryptors avoid attacking files that are necessary for an OS's basic functionality, personal data is favored, including targets such as spreadsheets, documents, pictures, archives or Web pages.

Securing Your PC from a Faux NSA

The '.uzltzyc File Extension' Ransomware has no relationship with any department of US law enforcement or surveillance, and any legal warnings it issues as part of its attacks always can be discounted wholesale. Since data recovery is a primary consideration for most file encrypting attacks, malware researchers recommend keeping multiple, safe backups for free alternatives to paying third parties for undoing the damages they've caused. Examples of sufficiently secure backups include both cloud services and removable devices, although a minority of file encryptors also may compromise cloud storage accounts. Storage devices left plugged into a PC during the '.uzltzyc File Extension' Ransomware's payload processing also may be at risk.

Whether or not this Trojan blocks your desktop or other programs actively, victims should take all of the usual precautions for disabling threats before scanning their computers for removing the '.uzltzyc File Extension' Ransomware. You should delay data recovery until after you've deleted the '.uzltzyc File Extension' Ransomware and all related threats. On the other hand, it's simpler to keep a file encryptor out of your PC than it is to recover encrypted data, which is why you may wish to scan e-mail attachments, use safe Web-browsing settings and keep active anti-malware products at the ready.

Loading...