
'.blackblock File Extension' Ransomware

Posted: November 11, 2016

Threat Metric

Threat Level: 10/10
Infected PCs: 12
First Seen: November 11, 2016
Last Seen: June 22, 2020
OS(es) Affected: Windows

The '.blackblock File Extension' Ransomware is a new release of the Globe Ransomware, a file-encrypting Trojan that blocks access to data by running it through a cipher. An active '.blackblock File Extension' Ransomware infection is always identifiable by the renamed and unusable files, as well as pop-up messages asking for money to restore them. Affected PC users should attempt any of the other recovery options malware experts endorse and deploy anti-malware products for removing the '.blackblock File Extension' Ransomware.

The New Offspring of the Globe Ransomware on the Block

The RaaS (Ransomware-as-a-Service) model of Trojan campaigning continues to be a major factor in the creation and deployment of new threats that are closely related to old ones and, in many cases, appear only days or weeks apart from each other. One family, the Globe Ransomware, is seeing a particularly visible 'growth spurt' in the form of the '.blackblock File Extension' Ransomware, the '.UCRYPT File Extension' Ransomware, the '.kyra File Extension' Ransomware and others. Their payloads consistently use data encryption to attack the PC and lock its contents.

The '.blackblock File Extension' Ransomware's encryption scan includes both network-mapped drives and local ones, with a particular focus on the user profile directory. After encrypting your files with a Blowfish-based algorithm (markedly divergent from the AES encryption that Trojans from other families prefer), the '.blackblock File Extension' Ransomware appends its own extension, '.blackblock', after the file's default extension.
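The renaming pattern described above can be used to inventory affected files before restoring from backup. The following Python sketch is an added example, not code from the original page or from any vendor's tool; the function names, the case-insensitive suffix match and the sample directory tree are assumptions constructed for illustration.

```python
import os
import tempfile
from collections import Counter
from pathlib import Path

MARKER = ".blackblock"  # extension named on this page


def original_name(name, marker=MARKER):
    """Return the pre-encryption file name, or None if the marker is absent."""
    # Assumption: match case-insensitively, as Windows file systems do.
    if not name.lower().endswith(marker) or len(name) == len(marker):
        return None
    return name[: -len(marker)]


def inventory(root, marker=MARKER):
    """Walk root and list (encrypted_path, original_name, clean_copy_exists)."""
    hits = []
    # Unreadable directories are skipped instead of aborting the walk.
    for dirpath, _dirs, files in os.walk(root, onerror=lambda e: None):
        present = {f.lower() for f in files}
        for f in files:
            orig = original_name(f, marker)
            if orig is not None:
                hits.append((Path(dirpath) / f, orig, orig.lower() in present))
    return hits


def summarize(hits):
    """Count affected files per original extension, to size a backup restore."""
    return Counter(Path(orig).suffix.lower() or "(none)" for _p, orig, _c in hits)


def demo():
    """Build a constructed sample tree and run the inventory over it."""
    with tempfile.TemporaryDirectory() as tmp:
        docs = Path(tmp) / "Users" / "sample" / "Documents"
        docs.mkdir(parents=True)
        for name in ("report.docx.blackblock", "photo.JPG.BlackBlock",
                     "budget.xlsx.blackblock", "budget.xlsx", "notes.txt"):
            (docs / name).write_bytes(b"constructed sample data")
        hits = inventory(tmp)
        return (sorted(o for _p, o, _c in hits), summarize(hits),
                sorted(o for _p, o, clean in hits if clean))


if __name__ == "__main__":
    names, by_ext, with_clean_copy = demo()
    print(names, dict(by_ext), with_clean_copy)
```

Run `inventory()` against a mounted copy or image of the affected volume so the listing does not alter the original disk.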

Malware experts also associate the '.blackblock File Extension' Ransomware's family with automatically-loading pop-ups that the user sees after restarting Windows. These advanced HTML windows ask for differing amounts of ransom money, depending on the threat actor's configuration settings, and may provide both e-mail addresses and advice on using cryptocurrency to pay. However, the decryption process isn't automated, and the '.blackblock File Extension' Ransomware's authors may choose to take the payment without decrypting your files.

Escaping the Worst Kind of Black Mark on Your Files

To extort their victims successfully, the '.blackblock File Extension' Ransomware attacks depend on the victim lacking backups that could restore all encrypted content without any need to crack the Blowfish cipher. This family erases local backups on Windows machines, but malware experts recommend using backups on remote services or devices to reduce the potential damage. Other PC security organizations are also releasing free decryption software, which is viable against different variants of the Globe Ransomware.

The '.blackblock File Extension' Ransomware's symptoms include easily noticeable ones, such as a new extension on your files, desktop wallpaper hijackings and pop-ups. However, all of the above symptoms occur after the Trojan inflicts its encryption damage on your local data. Installing anti-malware products that can delete the '.blackblock File Extension' Ransomware before its payload concludes can stop this and similar threats beforehand.

As a conventional example of threat authors' new business models, the '.blackblock File Extension' Ransomware may be distributed by third parties using exploits and hoaxes that differ from previous ones. Although guarding your computer against all possible infection vectors may seem impractical, it is often semi-passively achievable by using the right security software and maintaining safe Web-surfing habits.
