Alcatraz Ransomware

Alcatraz Ransomware Description

The Alcatraz Ransomware is a Trojan that solicits ransom payments by encrypting, and thereby blocking, your files, such as pictures. Victims considering payment should bear in mind that a con artist may not provide any working decryption service or software in return, making the payment in vain. Standard anti-malware products, along with data storage redundancy, can work together to remove the Alcatraz Ransomware and keep its attacks from locking you out of your saved data.

A Prison Operating without a Justice System

The variety of social engineering techniques at work in current Trojan campaigns leads to a wide range of symptoms and visible effects, although the long-term damages corresponding to them often are highly consistent. While some Trojans may pretend to be a form of technical support or even a built-in part of Windows, others, such as the Alcatraz Ransomware, don't bother disguising their attacks as anything but overtly threatening. This Trojan generates pop-ups making direct demands for ransom payments, in addition to encrypting your private data.

Malware experts associate the current distribution of the Alcatraz Ransomware with the RIG Exploit Kit, a browser-based threat with past ties to the Cerber 4.0 Ransomware and other Trojans of the same classification. The EK uses HTML-embedded script exploits, such as Java vulnerabilities, to install the Alcatraz Ransomware after the Web surfer loads an unsafe website. The Trojan then scans for files, including JPG pictures and documents, which it encrypts and to which it appends the '.Alcatraz' extension.

Only afterward does the Alcatraz Ransomware's payload include a visible symptom: its HTML pop-up window. The initial ransom message is available in multiple languages and redirects to a website hosting the Alcatraz Ransomware's payment infrastructure (operating via Bitcoin). Malware experts note a potentially variable time limit on ransom payments, ranging from a week to a month, although there remains no guarantee that paying will decrypt your files.

Contriving a Jailbreak from an Undeserved Prison

Unlike threats with more elaborate social engineering tactics, the Alcatraz Ransomware's only incentive for forcing payment lies in its capacity for blocking files by encoding them. PC owners backing their hard drives up to cloud servers or other devices can restore them without needing a decryption process, or the key for it. Others may wish to contact appropriate anti-malware researchers for assistance with the possibility of developing a free decryption application, which sometimes is possible after reviews of samples of both the threat and the encrypted data.

Malware experts also recommend tending to security vulnerabilities that expedite the distribution of the Alcatraz Ransomware, and file-encrypting Trojans like it. Web browsers using old plugins, enabling scripts globally, and loading potentially unsafe websites are at high risk of being impacted by attacks. Professional anti-malware products can intercept these attacks and remove the Alcatraz Ransomware before any encryption takes place.

Inevitably, profit for a con artist means a loss of money from an innocent victim. However, even new threats like the Alcatraz Ransomware are rarely any more capable than old ones of standing up to the most basic standards of Web-browsing security.


Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



File name: file.exe
Size: 117.76 KB (117760 bytes)
MD5: 35d93ccc99cf73c9c46349718aeae588
Detection count: 40
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: November 7, 2016
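
A read-only triage sketch built from the indicators on this page (the '.Alcatraz' extension and the listed MD5 and size of file.exe). It is an added example, not code from the original page; the function names, the constructed directory tree in demo(), and the assumption that the extension is appended after the original file name are illustrative.

```python
import hashlib
import os
import tempfile

# Indicators taken from this page.
ENCRYPTED_EXT = ".alcatraz"   # matched case-insensitively
DROPPER_MD5 = "35d93ccc99cf73c9c46349718aeae588"
DROPPER_SIZE = 117760         # bytes, as listed for file.exe


def is_dropper(path):
    """Size gate first, so only files of exactly the listed size get hashed."""
    if os.path.getsize(path) != DROPPER_SIZE:
        return False
    with open(path, "rb") as fh:
        return hashlib.md5(fh.read()).hexdigest() == DROPPER_MD5


def triage(root):
    """Return (encrypted files, sample matches, original names to restore).

    Assumes the extension was appended after the original file name."""
    encrypted, droppers = [], []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                if name.lower().endswith(ENCRYPTED_EXT):
                    encrypted.append(path)
                elif is_dropper(path):
                    droppers.append(path)
            except OSError:
                continue  # unreadable or vanished file
    encrypted.sort()
    originals = [p[: -len(ENCRYPTED_EXT)] for p in encrypted]
    return encrypted, droppers, originals


def demo():
    """Run triage over a constructed directory tree (sample data, not real)."""
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "Pictures"))
        for rel in ("Pictures/a.jpg.Alcatraz", "report.docx.Alcatraz", "notes.txt"):
            with open(os.path.join(root, rel), "wb") as fh:
                fh.write(b"constructed sample")
        enc, drop, orig = triage(root)
        rel = lambda paths: [os.path.relpath(p, root) for p in paths]
        return rel(enc), drop, rel(orig)


if __name__ == "__main__":
    print(demo())
```

The list of original names is the set of files to restore from backup; the script never modifies or deletes anything it finds.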


Posted: November 1, 2016
Threat Metric
Threat Level: 10/10
Infected PCs: 9