Home Malware Programs Ransomware BellevueCollegeEncryptor Ransomware

BellevueCollegeEncryptor Ransomware

Posted: May 1, 2019

The BellevueCollegeEncryptor Ransomware is a file-locking Trojan that targets files according to their formats and locations and blocks them with encryption. Some of its symptoms include creating new text between the filename and the extension, creating extortionist pop-ups, and generating multiple text messages. Users should protect their files by backing them up and keep anti-malware products for uninstalling the BellevueCollegeEncryptor Ransomware securely.

Trojans Getting Some Higher Education

AV industry honeypots and other threat-detecting mechanisms have found few entries in the CryptoWire Ransomware family for 2019, but a new threat may shift that lull. The BellevueCollegeEncryptor Ransomware shows some of the traits of this family in its payload's cosmetic choices, but malware experts are finding other things of interest in it. This Trojan may be getting new sub-variants for every target.

The BellevueCollegeEncryptor Ransomware encrypts files of likely media-based targets on infected PCs, such as DOCs, ZIPs, or MP3s, and may encrypt the contents of some locations (like the desktop) without any regard for the formats. It also displays the signature filename editing behavior of CryptoWire Ransomware: that is, inserting new text between the extensions and the file's name. This quirk is somewhat unique to this family, and malware researchers rarely see it appearing in other file-locking Trojans, which prefer appending their changes after extensions, or replacing them.

The new addition that the BellevueCollegeEncryptor Ransomware gives to its campaign is the claim in one of its Notepad messages of customizing itself to each victim. Although there's no evidence of other variants of the BellevueCollegeEncryptor Ransomware, this possibility could mean that attacks against the college in question could be forthcoming, along with matching ones against other institutions of higher learning.

Failing a Trojan at Attempted Extortion

The BellevueCollegeEncryptor Ransomware is in threat databases in a testing state that includes typos, but no victims are reporting attacks by it, as of the first of May. However, its encryption is functional and can block files until an appropriate decryptor reinterprets them. There sometimes are free unlocking solutions available for variants of CryptoWire Ransomware, and malware experts recommend checking such possibilities before taking any rash actions concerning ransoms.

Exploiting Remote Desktop Protocol settings, spammed e-mail attachments, and brute-forcing networks with unfortunate password choices are three of the top strategies that threat actors are using for circulating threats of most categories. Appropriate security standards and due diligence, concerning your file downloading habit especially, can protect your computer from most exploits. Anti-malware products should find and remove the BellevueCollegeEncryptor Ransomware without any trouble, provided that they have the chance of doing so in the first place.

Criminals that get specific about who they're attacking, often, have better chances of tricking their victims into self-endangering actions. Students, professors, and network administrators in the educational sector should be mindful since what a Trojan like the BellevueCollegeEncryptor Ransomware does isn't always undoable

Loading...