
Asasin Ransomware

Posted: October 11, 2017

Threat Metric

Threat Level: 8/10
Infected PCs: 5
First Seen: October 11, 2017
Last Seen: January 27, 2019
OS(es) Affected: Windows

The Asasin Ransomware is a member of the '.locky File Extension' Ransomware family, a group of Trojans that block their victims' files by using non-consensual encryption. An Asasin Ransomware infection renames all locked media and gives it a custom extension, as well as generating ransom-themed messages for the victim. Users can keep backups to protect their files from this Trojan's attacks and should have their anti-malware applications uninstall the Asasin Ransomware as soon as possible.

Murdering Data with a Side of Typos

The '.locky File Extension' Ransomware is still at the forefront of modern, encryption-based cyber attacks, but its threat actors are seemingly unconcerned with superficial elements of aesthetics, such as spellchecking. The latest update to this active family is the Asasin Ransomware, whose only change is switching its cosmetic brand to a misspelled word. Like any functional member of this group of Trojans, the Asasin Ransomware locks files with encryption and tries to force the victim to pay through its website to recover them.

Trojans of the Asasin Ransomware's lineage most often compromise PCs through fake email messages, especially imitation invoices and other business, news, or finance-themed attachments. When it opens, the Asasin Ransomware modifies the Registry to enable its automatic launch and may suppress boot-up errors or disable some Windows features, such as the Task Manager. However, malware analysts are emphasizing the two attacks below as the Asasin Ransomware's primary payload:

  • The Asasin Ransomware attacks typical formats of media, including spreadsheets, documents, or pictures, with an encryption function that encodes these files and renders them incapable of opening. Unlike most file-locking threats, the Asasin Ransomware also replaces the original names entirely with its personalized ID, along with adding the '.asasin' extension.
  • The Trojan also creates ransom notes that the Asasin Ransomware can display via hijacked desktop wallpapers, text and Web pop-ups. Victims are asked to visit the threat actor's custom TOR site for paying a ransom to decode and unlock their files.
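
The renaming behaviour in the list above can be turned into a simple detection rule for defenders. The following Python is an added example, not code from the original article; the event tuple layout, the process names, the thresholds and the sample data are assumptions constructed for illustration.

```python
from collections import defaultdict
from pathlib import PureWindowsPath

# Constructed rename events: (seconds, process, old path, new path).
# The layout, process names and ID-like file names are made up for this example;
# real events would come from an EDR or file-audit log.
SAMPLE_EVENTS = [
    (100.0, "winword.exe", r"C:\Users\a\Docs\report.docx", r"C:\Users\a\Docs\report-v2.docx"),
    (150.0, "explorer.exe", r"C:\Users\a\Docs\notes.txt", r"C:\Users\a\Docs\notes.asasin"),
    (200.0, "unknown.exe", r"C:\Users\a\Docs\budget.xlsx", r"C:\Users\a\Docs\CONSTRUCTED-ID-0001.asasin"),
    (201.0, "unknown.exe", r"C:\Users\a\Docs\resume.docx", r"C:\Users\a\Docs\CONSTRUCTED-ID-0002.asasin"),
    (203.0, "unknown.exe", r"C:\Users\a\Pics\holiday.jpg", r"C:\Users\a\Pics\CONSTRUCTED-ID-0003.asasin"),
    (205.0, "unknown.exe", r"C:\Users\a\Pics\family.png", r"C:\Users\a\Pics\CONSTRUCTED-ID-0004.asasin"),
    (900.0, "script.exe", r"C:\Temp\draft.txt", r"C:\Temp\CONSTRUCTED-ID-0005.asasin"),
]

def is_suspicious_rename(old_path, new_path, extension=".asasin"):
    """True when a file gains the extension AND loses its original name."""
    old, new = PureWindowsPath(old_path), PureWindowsPath(new_path)
    if new.suffix.lower() != extension:
        return False
    # The article says the original name is replaced entirely, so a rename
    # that keeps the old stem (e.g. a user's manual rename) is not counted.
    return old.stem.lower() not in new.stem.lower()

def find_mass_renames(events, threshold=3, window=60.0):
    """Return {process: count} for processes with at least `threshold`
    suspicious renames inside any `window`-second span."""
    hits = defaultdict(list)
    for ts, proc, old, new in events:
        if is_suspicious_rename(old, new):
            hits[proc].append(ts)
    flagged = {}
    for proc, times in hits.items():
        times.sort()
        start, best = 0, 0
        for end in range(len(times)):
            # Shrink the window from the left until it spans <= `window` seconds.
            while times[end] - times[start] > window:
                start += 1
            best = max(best, end - start + 1)
        if best >= threshold:
            flagged[proc] = best
    return flagged

if __name__ == "__main__":
    for proc, count in find_mass_renames(SAMPLE_EVENTS).items():
        print(f"ALERT: {proc} renamed {count} files to .asasin within 60 s")
```

A single match is weak evidence on its own; the burst threshold is what separates bulk encryption from an isolated rename, and an alert should lead to isolating the host before more files are locked.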

Precautions for Protecting Your Files from Enciphered Murder

The family from which the Asasin Ransomware acquires its encryption code doesn't include any publicized vulnerabilities that could help third parties decrypt the locked files. Malware experts estimate that the appearance of a freeware decryptor for any update of the '.locky File Extension' Ransomware is unlikely, and most victims without backups will have no free data-recovering options. Regularly saving backups to peripheral devices or cloud storage can eliminate any permanent damage that would occur during Asasin Ransomware infections.

Since the Asasin Ransomware, like most threats with file-locking features, can cause permanent data loss, users should abide by security standards that could prevent its installation from ever happening, if possible. Most commonly, Trojan droppers for this family circulate with the help of spam emails. Some threat actors also choose to compromise their targets manually, with brute-force hacking tools. Modernize your password management habits to reduce your vulnerability to targeted attacks, and keep anti-malware products active and updated so they can remove the Asasin Ransomware before it blocks any media.

Since the '.locky File Extension' Ransomware family is, seemingly, seeing no reduced success from its payload, its threat actors have no reason to make massive changes to small releases like the Asasin Ransomware. Users who aren't putting the work into their personal digital security also reduce the workloads of the people who take advantage of them.
