
'.342 Extension' Ransomware

Posted: December 1, 2016

Threat Metric

Threat Level: 10/10
Infected PCs: 59
First Seen: December 1, 2016
Last Seen: August 30, 2022
OS(es) Affected: Windows

The '.342 File Extension' Ransomware is an updated version of the '.locky File Extension' Ransomware that uses e-mails as its infection vector. Readers who open the mislabeled attachments are at risk of having their local files permanently damaged by this Trojan's encryption routine. Solutions to such attacks should always strive to recover data through methods that don't reward the Trojan's threat actor with ransom payments, and should use proper anti-malware products for uninstalling the '.342 File Extension' Ransomware.

The '.locky File Extension' Ransomware Has Something New to Stuff in Your Stocking

The progression of the '.locky File Extension' Ransomware (or, colloquially, just 'Locky') as a threat is seeing new releases with extreme regularity. Although the '.342 File Extension' Ransomware, its latest variant, lacks the same branding strengths of the '.thor File Extension' Ransomware or other variants, the Trojan continues being an encryption-capable threat that represents the potential for serious data damage. Malware experts can confirm its attacks dating from at least early November.

The '.342 File Extension' Ransomware is still in the business of targeting small and mid-sized for-profit companies and uses Trojan droppers that install it through spam e-mails. The attachments disguise themselves as fax documents or other work-related content, with a matching subject line and time-stamped file names. Once an unwary e-mail reader completes the installation, the '.342 File Extension' Ransomware begins scanning the system, including all drive letters and network-mapped drives.

After-the-fact symptoms of the '.342 File Extension' Ransomware's payload include:

  • The '.342 File Extension' Ransomware uses AES encryption to lock your files, stopping them from opening until a decryption program decodes them.
  • The '.342 File Extension' Ransomware resets your wallpaper to an image delivering its ransom message, asking for money in return for giving you its decryption help.
  • You also may see additional extortion instructions in a pop-up that the '.342 File Extension' Ransomware loads through your default Web-browsing application.

Counting Down to Ending the '.342 File Extension' Ransomware's Campaign

Although malware experts note negligible changes between the '.342 File Extension' Ransomware and other variants of its family, its persistence and distribution methods point to the continuing profitability of campaigns attacking the business sector. Medium and small business systems are more likely to hold valuable data than a personal-use computer, but without implementing the stringent backup strategies in use by large corporations. Workers should enable the display of file formats by default and use anti-malware tools to identify fraudulent attachments that could deliver the '.342 File Extension' Ransomware.
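The advice above to display file formats matters because a hidden final extension lets an attachment named like a fax document carry a script or executable type. The sketch below is an added example, not code from the original page; the extension lists and sample file names are constructed assumptions, and the file manager's behaviour is simplified to hiding every final extension.

```python
import os

# Assumed, illustrative lists (not taken from the original page).
DOCUMENT_EXTS = {".pdf", ".doc", ".docx", ".xls", ".xlsx", ".tif", ".tiff", ".txt"}
ACTIVE_EXTS = {".exe", ".scr", ".js", ".jse", ".vbs", ".wsf", ".hta", ".lnk", ".bat"}


def split_real_ext(filename):
    """Return (stem, ext) for the true final extension, ext lower-cased."""
    # Windows ignores trailing dots and spaces in a file name.
    cleaned = filename.rstrip(". ")
    stem, ext = os.path.splitext(cleaned)
    return stem, ext.lower()


def displayed_name(filename):
    """Name a user sees when the final extension is hidden (simplified model)."""
    stem, _ext = split_real_ext(filename)
    return stem.rstrip()


def is_mislabeled(filename):
    """True when the real type is active content but the visible name looks like a document."""
    stem, ext = split_real_ext(filename)
    if ext not in ACTIVE_EXTS:
        return False
    # Padding spaces before the real extension push it out of view; ignore them.
    _, shown_ext = os.path.splitext(stem.rstrip())
    return shown_ext.lower() in DOCUMENT_EXTS


def triage(filenames):
    """Return (real name, name shown to the user) for each mislabeled attachment."""
    return [(name, displayed_name(name)) for name in filenames if is_mislabeled(name)]


# Constructed sample attachment names for the demonstration.
SAMPLE = [
    "fax_20161201_0932.pdf.js",
    "Scan_20161201.tiff        .wsf",
    "invoice_20161130.docx",
    "setup.exe",
    "FAX-2016-12-01.PDF.EXE. ",
]

if __name__ == "__main__":
    for real, shown in triage(SAMPLE):
        print(f"flag: {real!r} is shown to the user as {shown!r}")
```
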

Although paying con artists ransom money for your data has obvious risks, the '.342 File Extension' Ransomware's family is not yet open to being decrypted by third-party applications. Saving backups to external servers, drives, or devices can preserve data against these localized attacks. Anti-malware products, if active, also may remove the '.342 File Extension' Ransomware before its scan-and-encrypt function can complete itself.

The '.342 File Extension' Ransomware is a good look at how the threat industry profits off of the poor security practices of some business sectors. Having valuable data that you don't take any additional steps to protect is never a good combination for anyone except, perhaps, the people taking advantage of it.
