
Calum Ransomware

Posted: November 27, 2019

The Calum Ransomware is a file-locking Trojan from the Phobos Ransomware family. Its most significant symptom remains the blocking of files with encryption, which the Calum Ransomware uses to extort money from its victims. Users should keep backups for all their data restoration needs, although most anti-malware programs should remove the Calum Ransomware by default.

More to Fear from the Phobos Ransomware Family

The Trojan family, whose name is a reference to the Greek word for fear, has quickly followed up November's Octopus Ransomware with the Calum Ransomware. This family, while years old, lacks the size of significant competitors like the Dharma Ransomware, despite recurring campaigns such as the Acton Ransomware, the Banta Ransomware, and the 'fobosamerika@protonmail.ch' Ransomware. This latest example comes with updates to contact information and extensions, and little else.

While the Calum Ransomware's updated elements are trivial, including changes to file names and e-mail contact information, its more essential features are as functional as always. These features include AES encryption (for locking files, such as documents), disabling security features like the Windows firewall, and wiping the Shadow Volume Copy backups. Together, they tempt victims into paying a ransom for unlocking their files, an offer the Calum Ransomware makes through its HTA message.
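The firewall-disabling and Shadow Volume Copy-wiping behaviours described above can be hunted for in process-creation logs. The following is an added detection example, not code from the original article or from any analysis of a Calum sample. Assumptions: the log format, host names and records are constructed, and the command patterns are standard Windows utilities that can perform each action rather than strings confirmed for this Trojan.

```python
import re
from datetime import datetime, timedelta

# Behaviours come from the article; the command patterns are assumptions
# (standard Windows utilities), not strings taken from a Calum sample.
RULES = {
    "shadow_copy_wipe": [
        re.compile(r"\bvssadmin(\.exe)?\b.*\bdelete\s+shadows\b", re.I),
        re.compile(r"\bwmic(\.exe)?\b.*\bshadowcopy\b.*\bdelete\b", re.I),
    ],
    "firewall_disable": [
        re.compile(r"\bnetsh(\.exe)?\b.*\badvfirewall\b.*\bstate\s+off\b", re.I),
        re.compile(r"\bnetsh(\.exe)?\b.*\bfirewall\b.*\bopmode\b.*\bdisable\b", re.I),
    ],
}

# Constructed process-creation records: time|host|parent|command line
SAMPLE_LOG = """\
2019-11-27T10:01:12|WS-014|explorer.exe|notepad.exe todo.txt
2019-11-27T10:02:40|SRV-02|cmd.exe|vssadmin.exe delete shadows /all /quiet
2019-11-27T10:02:43|SRV-02|cmd.exe|netsh advfirewall set currentprofile state off
2019-11-27T10:05:00|WS-014|powershell.exe|vssadmin list shadows
2019-11-27T11:30:09|WS-020|cmd.exe|netsh firewall set opmode mode=disable
"""

def classify(cmdline):
    """Return the names of every behaviour whose pattern matches the command line."""
    return [name for name, pats in RULES.items()
            if any(p.search(cmdline) for p in pats)]

def scan(log_text, window=timedelta(minutes=5)):
    """Return (hits, alerts); a host is 'high' when both behaviours fall within window."""
    hits = []
    for line in log_text.splitlines():
        parts = line.split("|", 3)
        if len(parts) != 4:
            continue  # skip malformed records
        ts, host, _parent, cmd = parts
        hits += [(datetime.fromisoformat(ts), host, b, cmd) for b in classify(cmd)]
    alerts = {}
    for when, host, _, _ in hits:
        near = {b for t, h, b, _ in hits if h == host and abs(t - when) <= window}
        both = len(near) == len(RULES)
        alerts[host] = "high" if both else alerts.get(host, "medium")
    return hits, alerts

if __name__ == "__main__":
    for host, level in scan(SAMPLE_LOG)[1].items():
        print(host, level)
```

A single matching command is rated medium because administrators run these utilities legitimately; both behaviours on one host within the window is the combination the paragraph describes.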

The Calum Ransomware also includes a 'spare' ransom note in TXT format, possibly in case its HTA pop-up doesn't trigger. Like the HTA, it offers a Jabber account for negotiating, as a backup for the e-mail-based channel. This feature is less widespread in Ransomware-as-a-Service families than most of the Phobos Ransomware's other symptoms. It indicates the increasing awareness among criminals of the value of social networking applications and services.

Getting Brave in the Face of Warfare against Files

Nearly all file-locking Trojans share a common weakness: limited or no means of targeting backups secured on a cloud service or, better yet, a detached device. While file-locking Trojans often target entire networks' worth of data at a time, doing so requires bypassing credentials through brute-force techniques or using other exploits. System administrators can, accordingly, harden their defenses against intrusions and limit network traversal by threat actors.

The Calum Ransomware is just as likely to harm an individual's PC as it is a business's server. Users should avoid risky contact with e-mail attachments, torrents, and updates delivered through unofficial means like advertising networks or typo-squatting websites. Safe security practices on the Web, along with attention to considerations like security patches and passwords, will significantly reduce the risk of Calum Ransomware infections.

Fear can be a healthy reaction to danger, but also an unnecessary strain on those who are placing themselves in unfortunate situations. For anyone with valuable data, a little care with your files now will pay off with nothing to fear from the Calum Ransomware later on.
