
Chuk Ransomware

Posted: September 15, 2020

The Chuk Ransomware is a file-locking Trojan that's part of the Dharma Ransomware family, a long-known Ransomware-as-a-Service. The Chuk Ransomware infection methods may use brute-force attacks, torrents, or e-mail attachments, after which the threat blocks digital media files and holds them for ransom. Appropriate backup protocols will deflect most of the dangers from infections, and worthwhile anti-malware tools can remove the Chuk Ransomware.

The Dharma Ransomware Continues Its File-Invading Reign

As Trojan families rise and fall, some entities in the threat landscape maintain an unmistakable overall longevity. Ransomware-as-a-Services like the STOP Ransomware, the Snatch Ransomware, and the Dharma Ransomware – a significant branch of the Crysis Ransomware Trojan-making kit – have long since proven their lifespans. The last of these families has yet another player in the game of blocking files for money, under the unassuming name of the Chuk Ransomware.

Compatible with most versions of the Windows OS, the Chuk Ransomware uses an AES-based, secure encryption feature for blocking files. This feature can stop most media formats from opening, but the family of Trojans mainly targets content like documents, spreadsheets, slideshows, music and pictures. Every file also receives an addition to its name, which consists of the campaign extension ('chuk') and ransoming details like the threat actor's e-mail address.
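For incident scoping, the renaming behaviour described above can be turned into a check over a file listing. This is an added example, not code from the original page; it assumes the name layout commonly reported for Dharma variants (original name, then .id-ID, then .[e-mail], then .chuk), which the page does not spell out, and the sample paths, ID and e-mail address are constructed.

```python
import re
from collections import Counter
from pathlib import PureWindowsPath

# Assumed layout (not given on this page): <original name>.id-<ID>.[<e-mail>].chuk
RENAMED = re.compile(
    r"^(?P<original>.+)\.id-(?P<victim_id>[0-9A-Za-z-]+)"
    r"\.\[(?P<email>[^\]\s]+)\]\.chuk$",
    re.IGNORECASE,
)

def parse_renamed(path):
    """Return the parts of a Chuk-style renamed file, or None if it does not match."""
    p = PureWindowsPath(path)
    m = RENAMED.match(p.name)
    if m is None:
        return None
    return {
        "folder": str(p.parent),
        "original": m.group("original"),   # name to restore to after recovery
        "victim_id": m.group("victim_id"),
        "email": m.group("email").lower(),
    }

def scope(paths):
    """Summarise a listing: affected folders, contact addresses seen, untouched files."""
    hits = [h for h in map(parse_renamed, paths) if h]
    return {
        "affected": len(hits),
        "untouched": len(paths) - len(hits),
        "by_folder": Counter(h["folder"] for h in hits),
        "emails": sorted({h["email"] for h in hits}),
        "ids": sorted({h["victim_id"] for h in hits}),
        "originals": [h["original"] for h in hits],
    }

# Constructed sample listing; the ID and e-mail address are placeholders.
SAMPLE = [
    r"C:\Users\ana\Documents\budget.xlsx.id-1A2B3C4D.[contact@example.invalid].chuk",
    r"C:\Users\ana\Documents\notes.docx.id-1A2B3C4D.[contact@example.invalid].CHUK",
    r"C:\Users\ana\Pictures\trip.jpg.id-1A2B3C4D.[contact@example.invalid].chuk",
    r"C:\Users\ana\Documents\chuk-recipes.txt",  # benign: 'chuk' is not the extension
    r"C:\Windows\System32\kernel32.dll",
]

if __name__ == "__main__":
    print(scope(SAMPLE))
```

The per-folder counts show how far the encryption reached, and the recovered original names give a list to compare against what the backups hold.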

The Chuk Ransomware supports this attack by deleting local backups or the Shadow Volume Copies. This deletion prevents users from restoring from their Windows Restore Points. Users have the option, however risky, of paying the Trojan's ransom, which it demands through TXT and HTA (interactive HTML pop-up) messages. Although malware experts discourage rewarding Ransomware-as-a-Services with money, any victims without other backups have limited alternatives for recovering their work.

Traditional Routes Out of an All-Too-Typical Trojan Problem

The Chuk Ransomware shows minimal changes from its many relatives besides different ID strings, e-mails and extensions. Compared to other relatives that malware experts connect to the Dharma Ransomware, such as the Bitx Ransomware, the Bmd Ransomware, the Cl Ransomware, or the NW24 Ransomware, the Chuk Ransomware is equally secure in its encryption. This relatively impenetrable data blockage makes the presence of backups on other devices, such as cloud storage, NAS, or USBs, that much more vital for any victims.

All versions of the Chuk Ransomware's installers available to malware researchers show no clues of their installation exploits or associated tactics. It's exceedingly likely that vulnerable businesses will receive fake invoices and other documents over e-mail, with criminals abusing software vulnerabilities like macros for drive-by-download attacks. Workers should also scrutinize their login credentials for weaknesses that could let an attacker access the server by guessing passwords.

A healthy backup plan with a well-maintained schedule will remove most of the incentive and data loss around Chuk Ransomware infections. Anti-malware programs also tend to be useful for deleting the Chuk Ransomware and its relatives, preemptively or otherwise.

A file-locker Trojan is far from an innovation in the threat landscape, but the Ransomware-as-a-Service model's persistence is worth noting. It's an illicit ransom-raking machine that profits solely by way of both companies and home users not backing up their work, which is far too expensive a habit for anyone to afford.
