
CCHH Ransomware

Posted: August 5, 2020

The CCHH Ransomware is a file-locking Trojan from the Globe Imposter Ransomware family, which imitates the Globe Ransomware. Although the CCHH Ransomware has a somewhat-updated ransom note, it retains other features, such as encrypting files and holding them hostage, from old versions. Windows users with backups for data recovery and anti-malware products for removing the CCHH Ransomware should have adequate protection from this threat.

Definable Dangers from Family-Faking Trojans

The Trojan, whose fakery is almost entirely cosmetic, is returning to the wild with a new version, the CCHH Ransomware, after years of previous campaigns like the Erenahen Ransomware, the Ox4444 Ransomware, the Taargo Ransomware and the SuddenTax Ransomware. Nearly every release of this family marks its appearance with changes to e-mail addresses, and little else. In the CCHH Ransomware's case, the update is more aesthetic, which might confuse victims trying to identify it.

The bare bones of the CCHH Ransomware's operations are similar to those of its relatives: in Windows environments, it searches for media-based files (including but not limited to documents, pictures, and music), and encrypts them so that they won't open. It also adds the first portion of its name into their names as an extension tag and creates a Web page for the victim's reading.

The latter, a mostly conventional ransom note, takes some steps away from other versions of the Globe Imposter Ransomware family. Although the general instructions are similar to past attacks, the CCHH Ransomware uses different formatting for presenting its text and, unusually, a gold-colored background. Such a drastic change in visuals usually marks a significant update to a Ransomware-as-a-Service family, which might indicate that the CCHH Ransomware's encryption is even more durable than ever.

Dodging that Deadly Splash of Gold

File-locking Trojans are a long-analyzed class of threat, and many of them have free, publicly available decryption solutions on the Web. However, since securing encryption from third-party reversal isn't difficult, even for amateur programmers, users shouldn't ignore backups and other recovery solutions. For the best chances of a comprehensive recovery, malware experts encourage keeping one or more backups of one's media files on different devices.

Many infection vectors for file-locking Trojans are also entirely preventable with quick and straightforward precautions. Disabling JavaScript, Java, and Flash will stop most drive-by-downloads through Web browsers. E-mail attachments and torrents are high-risk download sources that can distribute file-locking Trojans from the CCHH Ransomware's family and others. Responsible password selections can also mean the difference between avoiding and inviting a server-ransoming attack.

Dedicated anti-malware products are always a suitable means of deleting file-locking Trojans. Malware experts continue confirming that these security products correctly flag the CCHH Ransomware as a danger to Windows computers and remove it.

The CCHH Ransomware's goldenrod-like visual is a smaller part of the puzzle of data-sabotaging Trojans than its encryption. What's surface-level on Black Hat software is rarely more crucial than the attacks lurking deeper and how one can stop them.
