Home Malware Programs Ransomware '.342 Extension' Ransomware

'.342 Extension' Ransomware

Posted: December 1, 2016

Threat Metric

Threat Level: 10/10
Infected PCs: 54
First Seen: December 1, 2016
Last Seen: January 21, 2022
OS(es) Affected: Windows

The '.342 File Extension' Ransomware is an updated version of the '.locky File Extension' Ransomware that uses e-mails as its infection vector. Readers who open the mislabeled attachments are at risk for having their local files damaged by this Trojan's encryption routine permanently. Solutions to such attacks should always strive to recover data through methods that don't compensate the Trojan's threat actor with ransom payments and use proper anti-malware products for uninstalling the '.342 File Extension' Ransomware.

The '.locky File Extension' Ransomware Has Something New to Stuff in Your Stocking

The progression of the '.locky File Extension' Ransomware (or, colloquially, just 'Locky') as a threat is seeing new releases with extreme regularity. Although the '.342 File Extension' Ransomware, its latest variant, lacks the same branding strengths of the '.thor File Extension' Ransomware or other variants, the Trojan continues being an encryption-capable threat that represents the potential for serious data damage. Malware experts can confirm its attacks dating from at least early November.

The '.342 File Extension' Ransomware still is in the business of targeting small and mid-sized for-profit companies and uses Trojan droppers that install it through spam e-mails. The attachments disguise themselves as being fax documents or other, work-related content with a matching subject line and file name time stamps. With a complete installation from the unwary e-mail reader, the '.342 File Extension' Ransomware then begins scanning the system, including all drive letters and network-mapped drives.

After-the-fact symptoms of the '.342 File Extension' Ransomware's payload include:

  • The '.342 File Extension' Ransomware uses the AES encryption to lock your files, stopping them from opening until a decryption program decodes them.
  • The '.342 File Extension' Ransomware resets your wallpaper to an image delivering its ransom message, asking for money in return for giving you its decryption help.
  • You also may see additional extortion instructions in a pop-up that the '.342 File Extension' Ransomware loads through your default Web-browsing application.

Counting Down to Ending the '.342 File Extension' Ransomware's Campaign

Although malware experts note negligible changes between the '.342 File Extension' Ransomware and other variants of its family, its persistence and distribution methods point to the continuing profitability of campaigns attacking the business sector. Medium and small business systems are more likely to save valuable data than a personal-use computer but not implement the stringent backup strategies in use by large corporations. Workers should enable the display of file formats, by default, and use anti-malware tools to identify fraudulent attachments that could leverage the '.342 File Extension' Ransomware.

Although paying con artists ransom money for your data has obvious risks, the '.342 File Extension' Ransomware's family is not yet open to being decrypted by third-party applications. Saving backups to external servers, drives, or devices can preserve data against these localized attacks. Anti-malware products, if active, also may remove the '.342 File Extension' Ransomware before its scan-and-encrypt function can complete itself.

The '.342 File Extension' Ransomware is a good look at how the threat industry profits off of the poor security practices of some business sectors. Having valuable data that you don't take any additional steps to protect is never a good combination for anyone except, perhaps, the people taking advantage of it.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to '.342 Extension' Ransomware may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria .

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.