
‘.zzz File Extension’ Ransomware

Posted: January 21, 2016

Threat Metric

Threat Level: 8/10
Infected PCs: 91
First Seen: January 21, 2016
OS(es) Affected: Windows

The '.zzz File Extension' Ransomware is threatening software that singles out your files according to their formats, encrypts them, and delivers a ransom message explaining how to 'save' the affected data. Following through on ransom demands may not salvage any encrypted files, and malware experts recommend relying on conventional backup strategies instead of paying the '.zzz File Extension' Ransomware's authors. Anti-malware tools are the easiest way to delete the '.zzz File Extension' Ransomware, which has a high chance of using semi-random names for some of its components.

A Ransomware Update Worth Losing Sleep Over

Although updating the definitions of threatening software is an inherent part of the PC security industry, threat authors can be equally productive. In many cases, such as with TeslaCrypt, the existence of a broad template lets con artists create a substantial range of variants in a short time frame. From the TeslaCrypt Ransomware, malware experts have seen new, recent clones, including the '.ezz File Extension' Ransomware, the '.exx File Extension' Ransomware, the '.ecc File Extension' Ransomware, and, of course, the '.zzz File Extension' Ransomware. Externally, these threats can be distinguished by the different extensions of the files affected by their attacks.

The '.zzz File Extension' Ransomware may install itself in any of several ways, but the TeslaCrypt Ransomware project has strong ties to targeting PC gamers and, correspondingly, circulating via gaming-related illicit downloads (key generators, etc.). The '.zzz File Extension' Ransomware's installation is followed by the Trojan scanning for non-essential data formats, such as MP4s, JPGs or DOCs. Any files fitting under these formats are encrypted.
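A triage sketch for the behaviour described above, added here as an example and not taken from the original article or any vendor tool: it walks a directory tree, counts files carrying the variant extensions the article names, and reports which original formats and folders were hit. It assumes the Trojan appends its extension to the original file name; the function names and the sample tree are constructed for illustration.

```python
import os
import tempfile
from collections import Counter
from pathlib import Path

# Extensions the article attributes to TeslaCrypt-derived variants.
VARIANT_EXTENSIONS = {".zzz", ".ezz", ".exx", ".ecc"}


def scan_tree(root):
    """Return (by_variant, by_original_format, by_directory) Counters.

    Assumption: the extension is appended (report.doc -> report.doc.zzz),
    so the second-to-last suffix names the original format.
    """
    by_variant, by_format, by_dir = Counter(), Counter(), Counter()
    for dirpath, _dirnames, filenames in os.walk(root):
        for name in filenames:
            suffixes = [s.lower() for s in Path(name).suffixes]
            if not suffixes or suffixes[-1] not in VARIANT_EXTENSIONS:
                continue
            by_variant[suffixes[-1]] += 1
            # A bare "x.zzz" has no recoverable original format.
            original = suffixes[-2] if len(suffixes) > 1 else "(unknown)"
            by_format[original] += 1
            by_dir[dirpath] += 1
    return by_variant, by_format, by_dir


def build_sample_tree(root):
    """Create a constructed sample tree of empty files for the demo."""
    names = ["Pictures/a.jpg.zzz", "Pictures/b.JPG.ZZZ", "Docs/cv.doc.zzz",
             "Docs/old.doc.ecc", "Docs/clean.doc", "Video/clip.mp4", "x.zzz"]
    for rel in names:
        path = Path(root, rel)
        path.parent.mkdir(parents=True, exist_ok=True)
        path.touch()


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        variants, formats, dirs = scan_tree(tmp)
        print("by variant extension:", dict(variants))
        print("by original format:  ", dict(formats))
        for directory, count in dirs.most_common():
            print(f"{count:4d}  {directory}")
```

The per-format and per-folder counts show which backups need restoring first; point `scan_tree` at a user profile or a mounted share instead of the sample tree.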

Affected files can't be opened or read without a decryption routine, which the '.zzz File Extension' Ransomware's admins attempt to sell through a Bitcoin-based ransom process. The '.zzz File Extension' Ransomware may deliver the demand in text messages placed in the same folders as any encrypted files, locked onto your desktop background, or launched via browser pop-ups. Some third parties are developing decryption tools that could reverse these attacks for most variants of the TeslaCrypt Ransomware, although no application specific to the '.zzz File Extension' Ransomware has been released. Malware experts have verified that recent upgrades of these threats include defenses against old decryption tools.

Turning the '.zzz File Extension' Ransomware into a Snore of a Trojan

For all the updates made with an interest in forcing victims to pay to get their files back, the '.zzz File Extension' Ransomware does have critical weaknesses that are nearly universal among file encryption Trojans. Backups left disconnected from your PC can be used to restore all encrypted files, along with cloud server accounts that are inaccessible to the '.zzz File Extension' Ransomware. However, PC users shouldn't limit themselves to local backups and, in particular, to default Windows backup features, which the '.zzz File Extension' Ransomware and other TeslaCrypt Ransomware variants target for deletion.

The '.zzz File Extension' Ransomware can leave its files in non-standard locations, use random names that obfuscate its identity, and modify the system's Registry harmfully. Even PC users with experience in the anti-malware industry should use dedicated security tools for deleting the '.zzz File Extension' Ransomware. Likewise, scanning potential carriers of the '.zzz File Extension' Ransomware, such as downloads from less than reputable sources, can prevent a file 'hostage scenario' crisis before it starts.
