Alcatraz Ransomware Description
The Alcatraz Ransomware is a Trojan that solicits ransom payments by encrypting, and thereby blocking, your files, such as pictures. Before paying these ransoms, victims should consider that a con artist may not provide any working decryption service or software in return, making the payment pointless. Standard anti-malware products, along with data storage redundancy, can work together to remove the Alcatraz Ransomware and keep its attacks from locking you out of your saved data.
A Prison Operating without a Justice System
The variety of social engineering techniques at work in current Trojan campaigns leads to a wide range of symptoms and visible effects, although the long-term damages corresponding to them often are highly consistent. While some Trojans may pretend to be a form of technical support or even a built-in part of Windows, others, such as the Alcatraz Ransomware, don't bother disguising their attacks as anything but overtly threatening. This Trojan generates pop-ups making direct demands for ransom payments, in addition to encrypting your private data.
Malware experts associate the current distribution of the Alcatraz Ransomware with the RIG Exploit Kit, a browser-based threat with past ties to the Cerber 4.0 Ransomware and other Trojans of the same classification. The EK uses HTML-embedded script exploits, such as Java vulnerabilities, to install the Alcatraz Ransomware after the Web surfer loads an unsafe website. The Trojan then scans for files, including JPG pictures and documents, encrypts them, and appends the '.Alcatraz' extension to their names.
Only afterward does the Alcatraz Ransomware's payload include a visible symptom: its HTML pop-up window. The initial ransom message is available in multiple languages and redirects to a website hosting the Alcatraz Ransomware's payment infrastructure (operating via Bitcoin). Malware experts note a potentially variable time limit on ransom payments, ranging from a week to a month, although there remains no guarantee that paying will decrypt your files.
Contriving a Jailbreak from an Undeserved Prison
Unlike threats with more elaborate social engineering tactics, the Alcatraz Ransomware's only incentive for forcing payment lies in its capacity for blocking files by encoding them. PC owners backing their hard drives up to cloud servers or other devices can restore them without needing a decryption process, or the key for it. Others may wish to contact appropriate anti-malware researchers for assistance with the possibility of developing a free decryption application, which sometimes is possible after reviews of samples of both the threat and the encrypted data.
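As an added example (not part of the original description or of any vendor tool), the following Python script inventories files carrying the '.Alcatraz' extension and checks whether a clean copy exists in a backup, oldest encrypted file first. It assumes the extension is appended to the full original file name and that the backup directory mirrors the data directory's layout; the function names and the sample tree are constructed for illustration.

```python
import os
import tempfile
from pathlib import Path

SUFFIX = ".alcatraz"  # extension from the description, lower-cased for matching


def inventory(data_root, backup_root):
    """Pair each encrypted file with its backup copy (assumed mirrored layout)."""
    data_root, backup_root = Path(data_root), Path(backup_root)
    findings = []
    for dirpath, _dirs, files in os.walk(data_root):
        for name in files:
            # Windows names are case-insensitive; skip a bare ".Alcatraz" file.
            if not name.lower().endswith(SUFFIX) or len(name) == len(SUFFIX):
                continue
            locked = Path(dirpath) / name
            # Assumption: stripping the appended suffix yields the original name.
            rel = locked.relative_to(data_root).with_name(name[:-len(SUFFIX)])
            copy = backup_root / rel
            findings.append({"locked": locked, "original": rel,
                             "backup": copy if copy.is_file() else None,
                             "mtime": locked.stat().st_mtime})
    # Oldest first: the earliest timestamp approximates when encryption began.
    return sorted(findings, key=lambda f: f["mtime"])


def summarize(findings):
    """Count files that can be restored from backup versus those that cannot."""
    recoverable = sum(1 for f in findings if f["backup"] is not None)
    return {"total": len(findings), "recoverable": recoverable,
            "missing_backup": len(findings) - recoverable}


def demo():
    """Run the inventory over a constructed sample tree (not real data)."""
    with tempfile.TemporaryDirectory() as tmp:
        data, backup = Path(tmp, "data"), Path(tmp, "backup")
        (data / "pics").mkdir(parents=True)
        (backup / "pics").mkdir(parents=True)
        (data / "pics" / "beach.jpg.Alcatraz").write_bytes(b"\x00" * 16)
        (data / "report.doc.alcatraz").write_bytes(b"\x00" * 16)
        (data / "notes.txt").write_text("untouched")
        (backup / "pics" / "beach.jpg").write_bytes(b"jpeg-bytes")
        return summarize(inventory(data, backup))


if __name__ == "__main__":
    print(demo())
```

Run the inventory against a read-only mount or image of the affected disk so that the timestamps used for ordering are not altered.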
Malware experts also recommend tending to security vulnerabilities that expedite the distribution of the Alcatraz Ransomware, and file-encrypting Trojans like it. Web browsers using old plugins, enabling scripts globally, and loading potentially unsafe websites are at high risk of being impacted by attacks. Professional anti-malware products can intercept these attacks and remove the Alcatraz Ransomware before any encryption takes place.
Inevitably, profit for a con artist means a loss of money from an innocent victim. However, even new threats like the Alcatraz Ransomware are rarely any more capable than old ones of standing up to the most basic standards of Web-browsing security.
File System Modifications
The following files were created in the system:
File name: file.exe
Size: 117.76 KB (117760 bytes)
Detection count: 40
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: November 7, 2016