Good Ransomware
The Good Ransomware is a file-locker Trojan that encrypts digital media, such as your documents. Symptoms of infection consist of 'good' extensions in your files' names, which will not open, regardless of whether or not you remove the filename change. Keeping backups secure is highly recommended for countering its attacks, although most anti-malware programs should have no obstacles when removing the Good Ransomware.
Nothing Good About Meeting This Software
A fresh, file-locker Trojan is appearing in August of the current year, with symptoms similar to old versions of the Scarab Ransomware. Although some of the Good Ransomware's cosmetics are in-line with that family, malware experts are estimating no close relation. Users still can protect their files with the usual procedure of backing up to another device, since this Trojan is just as encryption-capable as any Ransomware-as-a-Service.
Like the old Scarab, the Good Ransomware uses encryption for blocking digital content, before adding 'good' extensions into their names. For example, 'a-document.doc' would become 'a-document.doc.good.' Malware experts can't confirm the Good Ransomware's encryption algorithms, however, and the Trojan might use a totally-different means of blocking the file from opening.
Also, like the Scarab Ransomware members, the Good Ransomware compromises Windows environments and targets the user's Documents directory, among other locations. Users paying attention to any new files will find a ransom note in a TXT format, although the Good Ransomware doesn't use the same template as the Scarab Ransomware for its demands. It does include some familiar themes: free e-mail addresses for negotiating over buying the unlocker, and a deadline without a specific date. Such social engineering techniques can encourage victims into paying before they realize nothing is holding the threat actor to his side of the deal.
Staying on the Good Side of Bad Programs
File-locker Trojans are, mostly, opportunists, and any users already taking precautions against their attacks should have sufficient protection against the Good Ransomware's payload. Securing your work to a non-local backup provides the most effective recovery solution for any documents, pictures, or other files that the Good Ransomware might harm. In emergencies without backup availability, users have two, more routes: testing free decryptors provided by members of the cyber-security sector, or using Shadow Copy-based restoration options.
File-locker Trojans have multiple distribution methods that are in notable use, currently. Some of the most likely exploits for dropping the Good Ransomware include:
- Fake downloads of pirated content (on torrents, etc.).
- RDP or brute-force credential hacking of vulnerable servers.
- Phishing e-mail attachments.
- Browser vulnerabilities (particularly, through threats like the Fallout Exploit Kit).
Users can browse the Web in safety against these dangers by disabling exploitable features like JavaScript, sticking to legal download resources, and avoiding using weak passwords. Anti-malware services also can provide last-minute protection by removing the Good Ransomware as they detect it.
As another lesson to Windows users without backups, the Good Ransomware is a redundant addition to a much-crowded industry. Unfortunately, Black Market software thrives as long as the circumstances for making money off through them do the same.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.