HC7 Planetary Ransomware

Posted: January 12, 2018

Threat Metric

Ranking: 7,393
Threat Level: 2/10
Infected PCs: 66
First Seen: June 7, 2023
Last Seen: October 12, 2023
OS(es) Affected: Windows

The HC7 Ransomware is a relatively old file-encryption Trojan whose encryption could be reversed. Unfortunately, it seems that the authors of the project have stepped up their game and released a new version, dubbed the HC7 Planetary Ransomware, which is likely to end up being impossible to decrypt. In addition to using an enhanced file-locking method, the HC7 Planetary Ransomware is also the first file-encryption Trojan to accept payments via Ethereum. The rise of alternative cryptocurrencies such as Monero and Ethereum is likely to mean that cybercrooks will look into them instead of focusing on Bitcoin payments.

Apart from the new payment method and the enhanced security of the encryption algorithm, the HC7 Planetary Ransomware is very similar to the HC7 Ransomware, since it does not bring any other peculiar features to the table. The HC7 Planetary Ransomware is not being spread via spam emails or fake downloads; instead, its authors rely on manually exploiting vulnerable remote desktop software to gain illicit access to computers and infect them. Judging by the contents of the ransom note, it is possible that the HC7 Planetary Ransomware's primary targets might be companies, since the authors demand $700 for the decryption of one PC and $5,000 for the decryption of all computers on the compromised network.

Because attacks by the HC7 Planetary Ransomware are carried out manually, it is possible that the attackers will wipe out all of their traces, leaving no corrupted executable behind. The only traces victims are likely to find immediately are the ransom note stored in 'RECOVER.txt' and the fact that the majority of their important files will be inaccessible and will have the '.planetary' extension added to their names. The author of the HC7 Planetary Ransomware has also provided an e-mail address for contact: m4rk0v@tutanota.de.
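The two on-disk traces named above can be inventoried before restoring from backup. The following Python triage script is an added example, not part of the original article or any vendor tool: it walks a directory tree, counts '.planetary' files per folder, recovers the original file types by stripping the appended extension, and lists 'RECOVER.txt' notes. The function names and the sample tree are constructed for illustration.

```python
import os
import tempfile
from collections import Counter
from datetime import datetime, timezone

NOTE_NAME = "recover.txt"   # ransom note file name given in the article
LOCKED_EXT = ".planetary"   # extension the article says is appended

def scan(root):
    """Walk root and summarise the two on-disk indicators per directory."""
    locked_dirs, orig_types, notes, first = Counter(), Counter(), [], None
    for dirpath, _dirs, files in os.walk(root, onerror=lambda err: None):
        for name in files:
            path, lower = os.path.join(dirpath, name), name.lower()
            if lower == NOTE_NAME:
                notes.append(path)
            elif lower.endswith(LOCKED_EXT):
                locked_dirs[dirpath] += 1
                # The extension is appended, so stripping it gives the original name.
                original = name[:-len(LOCKED_EXT)]
                orig_types[os.path.splitext(original)[1].lower() or "(none)"] += 1
                try:
                    mtime = os.stat(path).st_mtime
                except OSError:
                    continue  # unreadable entry: counted, but no timestamp
                first = mtime if first is None else min(first, mtime)
    return {
        "locked_total": sum(locked_dirs.values()),
        "locked_by_dir": dict(locked_dirs),
        "original_types": dict(orig_types),
        "notes": sorted(notes),
        # Assumption: timestamps were not reset, so the earliest mtime
        # roughly marks when file locking began.
        "first_locked_utc": None if first is None else
            datetime.fromtimestamp(first, timezone.utc).isoformat(),
    }

def build_sample_tree(root):
    """Constructed sample data: empty files that only mimic the naming."""
    layout = {"docs": ["q3.xlsx.planetary", "plan.docx.planetary", "RECOVER.txt"],
              "pics": ["a.JPG.planetary", "untouched.png"],
              "misc": ["recover.txt.bak", "planetary.txt"]}
    for sub, names in layout.items():
        os.makedirs(os.path.join(root, sub), exist_ok=True)
        for name in names:
            open(os.path.join(root, sub, name), "w").close()

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        print(scan(tmp))
```

The per-folder counts and original file types show which shares and document classes need restoring from backup first.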

Unfortunately, victims of this new strain might not have many options ahead of them, since making a full recovery without a reserve backup is nearly impossible. However, this certainly does not mean that you should even consider cooperating with the authors of the HC7 Planetary Ransomware. The advice is to run a credible anti-virus software suite that will guarantee the elimination of the file-locker's components. When this is done, your best option would be to run file restoration software, which might help mitigate some of the damage caused.

Technical Details

Additional Information

The following URLs were detected:
justdating.top