Yakes Ransomware

Posted: May 2, 2016

Threat Metric

Threat Level: 8/10
Infected PCs: 62
First Seen: May 2, 2016
Last Seen: March 30, 2022
OS(es) Affected: Windows

The Yakes Ransomware is a file encryption Trojan that holds the data on your PC hostage until it can extract a Bitcoin payment. Since con artists may not provide the data restoration services they claim to offer, malware experts traditionally recommend alternate recovery techniques, such as overwriting any encrypted files with a non-encrypted backup. In the meantime, using appropriate security products to delete the Yakes Ransomware can help minimize other issues, such as any possible attempts at erasing backup content.

Gathering a PC's Worth for a PC's Contents

With new variations of previously-proven file-ransoming malware under verification almost daily, malware researchers are seeing a wide degree of flexibility in both the functional attacks of such threats and the social engineering strategies behind them. One crucial factor in such attacks is the ransom, which con artists may demand in a variety of currencies, with or without a strict time limit, and in an entirely arbitrary quantity. Most threatening file encryptors limit their ransom demands to several hundred USD in value, but others, like the new Yakes Ransomware, may ask for thousands of dollars for the contents of your computer.

Like most encryption-based threats, the Yakes Ransomware limits its ransom attacks to file formats such as TXT, MP3, AVI, or PowerPoint presentations. After scanning your hard drive for any content falling under such formats, the Yakes Ransomware runs them through an encryption process, modifying the first few bytes of data. Encrypted files will no longer open with their associated programs, and are appended with the 'KEYH0LES' extension to let victims identify all affected content.

The Yakes Ransomware uses simple TXT and image files for delivering its ransom message, implying that its developers are either uninterested in or incapable of providing a sophisticated, streamlined payout process. Further communications about how to pay its 4 Bitcoin fine use various e-mail addresses, along with BitMessage (an encrypted instant messaging client). While the Yakes Ransomware's con artists imply that paying is the only way to have your files decrypted and restored to normal, malware experts found no guaranteed decryption service embedded in this Trojan.

The Straightforward Skeleton Key to a Trojan's Encryption

The Yakes Ransomware is a threat based heavily on exploiting social engineering for achieving its goal of transferring ransom money to its developers. Public domain decryptors often provide the same decryption services that con artists sell at inflated costs, and are downloadable for free from various PC security institutions. Alternately, you may prefer restoring your data from a backup that hasn't been affected by the Yakes Ransomware, such as a removable thumb drive or a cloud server. Due to the natural uncertainty of such transactions, malware experts always advise using any other means of restoring data, rather than paying a ransom for your files.
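A read-only inventory for the backup route described above, added here as an example and not taken from the original article: it lists files carrying the 'KEYH0LES' extension and checks whether a backup folder holds a copy under the original name. The `.KEYH0LES` suffix form, the mirrored backup layout and all function names are assumptions of this example.

```python
import os
import tempfile
from pathlib import Path

# Extension named in the article; the leading dot and the
# case-insensitive match are assumptions of this example.
MARKER = ".keyh0les"


def plan_recovery(scan_root, backup_root):
    """Split marked files under scan_root into (restorable, missing).

    Read-only: nothing is copied, renamed or deleted.
    """
    scan_root, backup_root = Path(scan_root), Path(backup_root)
    restorable, missing = [], []
    for dirpath, _dirs, files in os.walk(scan_root):
        for name in files:
            if not name.lower().endswith(MARKER):
                continue
            encrypted = Path(dirpath) / name
            original = name[: -len(MARKER)]  # name before the suffix was appended
            candidate = backup_root / encrypted.parent.relative_to(scan_root) / original
            # A usable backup is a non-empty file under the original name;
            # a backup copy that was itself renamed will not match.
            if original and candidate.is_file() and candidate.stat().st_size > 0:
                restorable.append((encrypted, candidate))
            else:
                missing.append(encrypted)
    return sorted(restorable), sorted(missing)


def demo():
    """Run the inventory over a constructed sample tree."""
    with tempfile.TemporaryDirectory() as tmp:
        docs, backup = Path(tmp, "docs"), Path(tmp, "backup")
        (docs / "work").mkdir(parents=True)
        (backup / "work").mkdir(parents=True)
        (docs / "work" / "slides.ppt.KEYH0LES").write_bytes(b"\x00" * 16)
        (docs / "notes.txt.keyh0les").write_bytes(b"\x00" * 16)
        (docs / "song.mp3").write_bytes(b"ID3")  # unmarked, ignored
        (backup / "work" / "slides.ppt").write_bytes(b"constructed backup")
        restorable, missing = plan_recovery(docs, backup)
        return [e.name for e, _ in restorable], [m.name for m in missing]


if __name__ == "__main__":
    print(demo())
```

The `missing` list is the set of files for which a public decryptor or another backup source would still be needed.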

The Yakes Ransomware is a newly-developed threat, and may use different infection methods for different victims. PC owners who use strict Web-browsing settings, patch their software and avoid unusual e-mail attachments are at minor risk of being affected by the Yakes Ransomware, or similar Trojans.

Between its file changes and its ransom messages, the Yakes Ransomware generates symptoms that are immediately apparent to the eye. When experiencing symptoms like those noted in this article, restart your computer and select the Safe Mode boot option. Then run whatever anti-malware product you prefer for identifying and deleting the Yakes Ransomware. Since file encryption Trojans may incorporate data-deleting features, you should proceed towards recovering your data only after disinfecting your PC.