
Acton Ransomware

Posted: July 5, 2019

The Acton Ransomware is a file-blocking Trojan that's a variant of the Phobos Ransomware. The Acton Ransomware takes your media hostage with its encryption attack before presenting a ransom demand through text files and local Web pages. Following appropriate backup guidelines will keep your media safe from permanent damage, and most anti-malware products will stop and delete the Acton Ransomware accurately.

Phobos Ransomware's New Child is Watching Television

The Phobos Ransomware is one of several smaller families of file-locking Trojans that borrow content from larger ones, such as the Crysis Ransomware's RaaS business. While it's not the most creative Trojan, it and its many revisions, like the Adage Ransomware, the 'fobosamerika@protonmail.ch' Ransomware, the 'tedmundboardus@aol.com' Ransomware, and, arguably, the hybrid of the 'audrey.b@aol.com' Ransomware, all represent new angles for file-ransoming attacks. A sample that malware analysts confirm as of July, the Acton Ransomware, belongs to this family and could be using media references for its brand.

Most of the Acton Ransomware's payload is typical for a Phobos Ransomware variant: it blocks the user's media content with AES encryption, appends IDs, e-mail addresses, and an extension ('acton,' in this case) to their names, and creates TXT and HTA ransom notes. The locking routine keeps the victim's files from being accessible. Meanwhile, the messages offer ransom negotiations via both e-mail and the Jabber messenger.
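An added triage example (not from the original article or any vendor tool): it scans a file listing for the renaming described above, recovers the original names, and counts affected directories. The suffix layout `<original>.id[<ID>].[<e-mail>].acton` is an assumption, since the article only says an ID, an e-mail address and the 'acton' extension are appended; the sample paths, ID and address are constructed placeholders.

```python
import re
from collections import Counter
from pathlib import PureWindowsPath

# ASSUMED suffix layout (the article names only the three appended parts):
#   <original name>.id[<ID>].[<e-mail>].acton
FULL = re.compile(
    r"^(?P<original>.+?)\.id\[(?P<victim_id>[^\]]+)\]"
    r"\.\[(?P<email>[^\]@\s]+@[^\]@\s]+)\]\.acton$",
    re.IGNORECASE,
)

def triage(paths):
    """Classify paths; return (hits, Counter of affected directories)."""
    hits, dirs = [], Counter()
    for raw in paths:
        p = PureWindowsPath(raw)  # parses Windows paths on any OS
        m = FULL.match(p.name)
        if m:
            hit = {"path": raw, "confidence": "full",
                   "original_name": m.group("original"),
                   "victim_id": m.group("victim_id"),
                   "contact": m.group("email").lower()}
        elif p.suffix.lower() == ".acton":
            # Extension alone is a weaker signal: the real layout may
            # differ from the assumed one, so flag it for manual review.
            hit = {"path": raw, "confidence": "extension-only",
                   "original_name": p.stem, "victim_id": None, "contact": None}
        else:
            continue
        hits.append(hit)
        dirs[str(p.parent)] += 1
    return hits, dirs

# Constructed sample listing (placeholder ID and address, not real indicators).
SAMPLE = [
    r"C:\Users\alice\Documents\budget.xlsx.id[EXAMPLE1-0001].[contact@example.invalid].acton",
    r"C:\Users\alice\Documents\notes.txt",
    r"C:\Users\alice\Pictures\trip.jpg.id[EXAMPLE1-0001].[contact@example.invalid].ACTON",
    r"C:\Users\alice\Documents\acton.txt",
    r"C:\Users\alice\Documents\plan.docx.acton",
]

if __name__ == "__main__":
    hits, dirs = triage(SAMPLE)
    for h in hits:
        print(f"{h['confidence']:<15}{h['original_name']:<14}{h['path']}")
    for d, n in dirs.most_common():
        print(f"{n} affected file(s) in {d}")
```

The recovered original names can be compared against a backup manifest to decide what needs restoring.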

One of the few cues of individuality that the Acton Ransomware offers lies in the Jabber account's name, which is an apparent 'Breaking Bad' TV show reference. The Acton Ransomware wouldn't be the first Trojan using that franchise for illegal ends; it's a popular choice for competing Trojans, like the 'Los Pollos Hermanos' Crypto Virus or the CryptoLocker's Better_Call_Saul Ransomware variant.

Acting on an Impending Danger to Your PC's Work

Whether the Acton Ransomware is, once again, a subversion of hit television is of little relevance to the danger it poses for all pictures, documents and other media on your computer. As of 2019, there isn't a decryptor for its family, although a security vendor is requesting samples for further analysis that could deliver such solutions. Until that happens, users will need backups for recovering any work that the Acton Ransomware locks.

Other security problems that malware experts find notable in attacks by the Acton Ransomware's family include the non-consensual deletion of the Restore Point data, the disabling of your firewall software, the deactivating of Windows boot-related security features, and the presence of Black Hat tools like Process Hacker 2. E-mail spam or phishing tactics, torrents, fake updates from unsafe websites and brute-forcing of server logins are some of the most likely means by which the Acton Ransomware compromises a target.

Since this family is a well-analyzed one, most security products shouldn't have problems with removing the Acton Ransomware. They also should identify and block a possible installation of the Trojan beforehand, and preserve your files accordingly.

The interplay between media products and criminal software campaigns is a side note, compared to the technical dangers of encryption and data-wiping functions. What the Acton Ransomware uses for its point of contact during a negotiation is far less meaningful than knowing the ways of stopping that extortion from happening.
