
Besub Ransomware

Posted: July 3, 2019

The Besub Ransomware is a file-locking Trojan that can encrypt your media, such as pictures and documents, with AES so that it will not open. It makes money from these attacks by selling its decryption or unlocking help through an accompanying text message. Users can attempt a variety of free data recovery options instead, and should always have dedicated anti-malware solutions for removing the Besub Ransomware safely.

When Cracking Windows Gets Your Files Cracked Instead

A variant of the STOP Ransomware has had its infections traced back to a website that's banking on the popularity of Windows and the expense of buying a legitimate copy of it. In its user-facing attacks, the Besub Ransomware is not very different from close relatives like the Litar Ransomware, the Nusar Ransomware, the Vesad Ransomware or the codnat1 Ransomware. The social engineering that goes into distributing it, however, is a well thought-out tactic.

The Besub Ransomware infections are appearing throughout Indonesia, Egypt, and at least one Portuguese-speaking nation, although the distribution of victims could be a coincidence. Indonesian cases are linked to contact with kmspico10.com, a corrupted website that provides a download of KMSpico, an illicit crack for Windows. While the domain does provide real copies of the tool, it also installs adware, with or without any consent, and, in some cases, the Besub Ransomware.

Since reports of the payloads involved with this site are not all consistent with one another, malware experts suspect that the threat actor is filtering traffic and compromising victims in particular regions. Indonesia and other Southeast Asian nations are strongly associated with the STOP Ransomware attacks, which use AES encryption for locking files. The Besub Ransomware, like its fellow family members, will add a personal extension onto the names of any documents or other content that it takes captive, and follow up by selling its decryption services in a ransom note.

Repairing the Cracks in Your File Security

The Besub Ransomware belongs to version 1.10 of the STOP Ransomware family, and advances in cryptography make a freeware solution to its attacks unlikely. Users can protect their media by storing backups on removable devices or network-accessible services that are secure against any attacks. Repairs based on the Shadow Volume Copy are sometimes possible, although the Besub Ransomware may erase this information with a CMD command.

Downloads of illicit software and media products are recurring themes in the campaigns of the STOP Ransomware's variants. For their safety, users should avoid torrents and other resources that traffic in OS cracks, key generators, and other illicit goods. A minority of services are flagging the Besub Ransomware's domain as threatening, although any KMSpico site can reasonably be presumed to be a potential danger.

Although decryption is beyond their purview, most dedicated anti-malware programs will remove the Besub Ransomware and other members of its family when appropriate.

Premium software can be costly, but ransoms are even more so. The Besub Ransomware's extortion costs more than the price of any version of Windows, and would-be software pirates should remember that.