
Best Recovery Ransomware

Posted: May 5, 2020

The Best Recovery Ransomware is a file-locking Trojan that's an update of the MedusaLocker Ransomware. The Best Recovery Ransomware holds the same dangers as that threat, including, most prominently, blocking the files on your computer by encrypting them. Windows anti-malware services can remove the Best Recovery Ransomware on sight, but there is no guarantee of recovering any lost data without a backup.

Back from Vacation to Petrify Your Files Anew

2019's MedusaLocker Ransomware is appearing again after a brief hiatus, but with reworked details. Its name and ransom note bear signs of updating, but the Best Recovery Ransomware's tactic is the same as its predecessor's: blocking files with encryption and demanding money. The Best Recovery Ransomware samples are less than a megabyte in size but can cause irreversible damage.

The Best Recovery Ransomware runs on Windows machines, just like the former, Greek myth-inspired Trojan. It encrypts files so that they will not open and destroys their Shadow Volume Copy backups. Some differences that malware researchers note include a changed extension ('best_recovery' instead of 'encrypted') and a slightly differently formatted HTML ransom message. The latter keeps some of its resemblance to the Globe Imposter, but with cleaner text display and different e-mails for contacting the threat actors.

While files that will not open are the most apparent concern with the Best Recovery Ransomware infections, the Trojan also conducts less-detectable attacks. Registry changes will disable or modify various features, including the UAC. In this environment, the PC is vulnerable to further attacks and may not alert the user to unusual program behavior. However, unlike the STOP Ransomware, it doesn't go so far as to block security-based websites.
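The three behaviors described above (files renamed with the 'best_recovery' extension, Shadow Volume Copy deletion, and a UAC registry change) can be correlated per host during triage. The following is an added example, not code from the original article or from any vendor: the event schema, host names, rename threshold, shadow-copy command patterns and the `EnableLUA` registry value are assumptions, since the article does not name the specific commands or keys.

```python
import re
from collections import defaultdict

LOCKED_EXT = ".best_recovery"   # extension reported in the article (dot separator assumed)
# Assumptions (not from the article): typical shadow-copy deletion commands
# and the standard Windows UAC policy value.
SHADOW_RE = re.compile(
    r"\b(vssadmin(\.exe)?\s+delete\s+shadows|wmic(\.exe)?\s+shadowcopy\s+delete)", re.I)
UAC_VALUE = r"hklm\software\microsoft\windows\currentversion\policies\system\enablelua"
RENAME_THRESHOLD = 3            # assumed; tune per environment

def triage(events):
    """Map each host to the sorted list of article-described behaviors seen on it."""
    renames, hits = defaultdict(int), defaultdict(set)
    for ev in events:
        host, kind = ev["host"], ev["type"]
        if kind == "file_rename" and ev["new_name"].lower().endswith(LOCKED_EXT):
            renames[host] += 1
            if renames[host] >= RENAME_THRESHOLD:
                hits[host].add("mass_rename")
        elif kind == "process" and SHADOW_RE.search(ev["cmdline"]):
            hits[host].add("shadow_copy_delete")
        elif (kind == "registry_set" and ev["key"].lower() == UAC_VALUE
              and ev["data"] == 0):
            hits[host].add("uac_disabled")
    return {h: sorted(b) for h, b in hits.items()}

def verdict(behaviours):
    """One behavior alone can be admin activity; two or more is escalated."""
    return "high" if len(behaviours) >= 2 else "review"

# Constructed sample events (hypothetical schema and host names).
SAMPLE = [
    {"host": "WS01", "type": "process", "cmdline": "vssadmin.exe Delete Shadows /All /Quiet"},
    {"host": "WS01", "type": "registry_set",
     "key": r"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System\EnableLUA", "data": 0},
    {"host": "WS01", "type": "file_rename", "new_name": r"C:\Users\a\q1.xlsx.best_recovery"},
    {"host": "WS01", "type": "file_rename", "new_name": r"C:\Users\a\q2.docx.best_recovery"},
    {"host": "WS01", "type": "file_rename", "new_name": r"C:\Users\a\notes.txt.BEST_RECOVERY"},
    {"host": "WS02", "type": "process", "cmdline": "vssadmin list shadows"},
    {"host": "WS02", "type": "file_rename", "new_name": r"D:\lab\sample.best_recovery"},
    {"host": "SRV03", "type": "process", "cmdline": "wmic shadowcopy delete"},
]

if __name__ == "__main__":
    for host, seen in triage(SAMPLE).items():
        print(host, verdict(seen), seen)
```

A single renamed file or a read-only `vssadmin list shadows` call does not flag a host; only the combination of behaviors raises the verdict.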

Better Data Recoveries for the Needy

The Best Recovery Ransomware uses a professionally formatted ransom note that sells its decryption service without giving readers the price upfront. Threat actors may withhold such details so that they can change the cost according to the needs and damages of the victim. There is, additionally, no way of knowing whether they'll keep their word – and examples of them not doing so, as per the Trix Ransomware campaign, are routine.

The Best Recovery Ransomware is small, suitable for most versions of the Windows operating system, and has little payload behavior related to its distribution. Malware researchers find many threat actors targeting vulnerable servers by brute-forcing their passwords, and more random victims may infect their computers by downloading fake software updates or torrents. Responsible password management and careful vetting of downloads help cut down on file-locking Trojan attacks universally.

While this MedusaLocker Ransomware variant is a new version, its detection rates are approximately the same as those of the old version of the Trojan.

Taking one's eyes off Black Hat software is never entirely safe. While the MedusaLocker Ransomware heyday is past, its name lives on in an offspring, and the Best Recovery Ransomware is no worse at turning data to stone than the prior Trojan.
