
'.AUDIT File Extension' Ransomware

Posted: November 12, 2018

The '.AUDIT File Extension' Ransomware is a file-locking Trojan from the Dharma Ransomware branch of the Crysis Ransomware family. This threat may masquerade as a freeware or shareware product, or be installed after threat actors brute-force their way into a vulnerable server. Have your anti-malware software eliminate the '.AUDIT File Extension' Ransomware immediately, before dealing with other issues such as data recovery and the re-securing of logins.

The Audit with a Cost in Digital Media

More releases of the Dharma Ransomware are surfacing in November, continuing the trend of development from old variants like the 'Lavandos@dr.com' Ransomware and the 'Supermagnet@india.com' Ransomware up to the 'wisperado@india.com' Ransomware, the Arrow Ransomware, and the extremely new '.AUDIT File Extension' Ransomware and '.cccmn File Extension' Ransomware. Malware researchers have yet to verify how it's circulating, but the '.AUDIT File Extension' Ransomware does stand out for how it hides once it's on the PC.

The '.AUDIT File Extension' Ransomware's Windows executable uses fake file credentials that represent it as a product of ProXoft LLC, a Windows shareware company that maintains utilities such as a binary viewer and a cookie editor. However, the '.AUDIT File Extension' Ransomware carries no matching signature that would lend extra authenticity to its disguise. Relative to its predecessors and to recent threats from the same Ransomware-as-a-Service collective, such as the '.cccmn File Extension' Ransomware, it also has no additional protection against detection by traditional anti-malware solutions.
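The mismatch described above (a vendor name in the file's version information with no signature behind it) can be checked for directly. The following PowerShell is an added example, not code from this article or from any vendor; the function name `Find-UnsignedVendorClaim` and its parameters are hypothetical. A match is a lead for triage rather than a verdict, since legitimate unsigned builds will also be listed.

```powershell
# Added example: list executables whose version-info CompanyName claims a vendor
# but which are not validly Authenticode-signed by a certificate naming that vendor.
function Find-UnsignedVendorClaim {            # hypothetical helper name
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)]
        [string]$Path,                         # directory to scan (caller-supplied)
        [string]$Vendor = 'ProXoft'            # vendor name the article says is being claimed
    )

    Get-ChildItem -LiteralPath $Path -Recurse -File -ErrorAction SilentlyContinue |
        Where-Object { $_.Extension -in '.exe', '.dll' } |
        ForEach-Object {
            # Version-info strings are set by whoever built the file and prove nothing.
            $claimed = $_.VersionInfo.CompanyName
            if ([string]::IsNullOrWhiteSpace($claimed)) { return }
            if ($claimed -notlike "*$Vendor*") { return }

            # The signature is the part that cannot simply be typed in.
            $sig    = Get-AuthenticodeSignature -LiteralPath $_.FullName
            $signer = if ($sig.SignerCertificate) { $sig.SignerCertificate.Subject } else { '' }
            $backed = ($sig.Status -eq 'Valid') -and ($signer -like "*$Vendor*")

            if (-not $backed) {
                [pscustomobject]@{
                    File            = $_.FullName
                    ClaimedCompany  = $claimed
                    SignatureStatus = $sig.Status   # e.g. NotSigned, HashMismatch, NotTrusted
                    Signer          = $signer
                    SHA256          = (Get-FileHash -LiteralPath $_.FullName -Algorithm SHA256).Hash
                }
            }
        }
}

# Example call (the path is an assumption; point it at wherever downloads or
# dropped files land on the host being checked):
# Find-UnsignedVendorClaim -Path "$env:USERPROFILE\Downloads" | Format-List
```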

The '.AUDIT File Extension' Ransomware uses slightly different encryption methods for large versus small files but, in both cases, locks the media with both the AES-256 and RSA-1024 algorithms. The '.AUDIT File Extension' Ransomware also adds 'AUDIT' to the files' names as an extension and creates ransoming instructions inside of an advanced HTML file. Since there's significant uncertainty in ransoming decryption help, malware researchers recommend against following these instructions, which have no updates from previous releases other than a swapping of the active e-mail address.

The Ware that You Shouldn't Share with Your Network

The '.AUDIT File Extension' Ransomware is part of a Ransomware-as-a-Service or RaaS family whose circulation often hinges upon brute-force attacks, the exploitation of Remote Desktop features, and the cracking of fragile login credentials. Users should attempt to isolate an infected PC from any other drives that are accessible over storage devices or network connections, which the '.AUDIT File Extension' Ransomware may compromise during the infection. Malware researchers also rate the '.AUDIT File Extension' Ransomware as a risk to any Windows Restore Points that could recover your files.

Examples of formats endangered by '.AUDIT File Extension' Ransomware infections include, but are far from limited to, Word's DOCs, Adobe's PDFs, pictures like PNG and JPG, Notepad's TXTs, and archives such as ZIPs. This encryption is not presently breakable with free solutions, and a non-local backup is the only foolproof data recovery possibility that malware researchers are confirming. For most users, their default anti-malware services should delete the '.AUDIT File Extension' Ransomware and prevent infections from occurring.

The growth of the Ransomware-as-a-Service sector of the black market is due to irresponsible data redundancy and network protection habits. Keeping the '.AUDIT File Extension' Ransomware from being as profitable as the similar file-locker Trojans around it is up to each user who considers their files worth paying to preserve.
