
'help24decrypt@cock.li' Ransomware

Posted: March 5, 2019

The 'help24decrypt@cock.li' Ransomware is a variant of the FenixLocker Ransomware (AKA Centrumfr@india.com Ransomware), a file-locker Trojan that blocks your media by encrypting it. The modern versions of this family are not decryptable for free, and having a recent backup is the best recovery means available for any files. Users can keep their PCs safe from attacks with anti-malware products that remove the 'help24decrypt@cock.li' Ransomware on sight.

The Phoenix Rises from the Ashes

While the anti-malware industry began examining the threat known as the FenixLocker Ransomware back in 2016, the aging process doesn't always degrade a file-locking Trojan's payloads. For some, including this underutilized Trojan's family, the passage of time grants updates with improved security that help keep users from saving their media. At least one threat actor is taking advantage of this benefit in the present day through the 'help24decrypt@cock.li' Ransomware campaign.

The 'help24decrypt@cock.li' Ransomware can encrypt media such as the usual Word documents, Excel spreadsheets, music, and other productivity or recreational content using a TEA algorithm. Recent builds from this family also employ an additional RSA layer that protects the encryption from being cracked and decrypted by the victim. Unlike most file-locking Trojans, the 'help24decrypt@cock.li' Ransomware doesn't add a 'true' extension onto these files; it merely appends the bracket-enclosed e-mail address from its name.
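As an added example (not code from this article or from any vendor), the following Python script uses that naming behavior as an indicator: it walks a directory tree, reports files whose names end in a bracket-enclosed e-mail address, and returns the earliest modification time among them as a hint for choosing a backup that predates the attack. The exact marker format (square brackets at the very end of the name), the helper names, and the sample files are assumptions constructed for illustration.

```python
import os
import re
import tempfile
from collections import Counter

# Assumption: the marker is the contact address in square brackets at the very
# end of the name, e.g. "budget.xlsx.[help24decrypt@cock.li]".
MARKER = re.compile(r"\[([\w.%+-]+@[\w-]+(?:\.[\w-]+)+)\]$")

def find_marked_files(root):
    """Return (path, address, mtime) for each file whose name ends in a bracketed e-mail."""
    hits = []
    for dirpath, _dirs, names in os.walk(root):
        for name in names:
            match = MARKER.search(name)
            if match:
                path = os.path.join(dirpath, name)
                hits.append((path, match.group(1).lower(), os.lstat(path).st_mtime))
    return hits

def summarize(hits):
    """Count hits per address and return the earliest mtime (a restore-point hint)."""
    per_address = Counter(addr for _path, addr, _mtime in hits)
    earliest = min((mtime for _path, _addr, mtime in hits), default=None)
    return per_address, earliest

def build_sample_tree(root):
    """Constructed sample data: two marked files, one clean file, one look-alike."""
    samples = {
        "docs/budget.xlsx.[help24decrypt@cock.li]": 1551700000,
        "docs/notes.docx.[HELP24DECRYPT@cock.li]": 1551700600,
        "docs/readme.txt": 1551000000,
        "mail/[alice@example.com] invoice.pdf": 1551000000,  # bracket not at end
    }
    for rel, mtime in samples.items():
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        with open(path, "wb") as handle:
            handle.write(b"constructed sample")
        os.utime(path, (mtime, mtime))

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        counts, earliest = summarize(find_marked_files(tmp))
        print(dict(counts), earliest)
```

A file that merely contains a bracketed address elsewhere in its name, such as a saved mail attachment, is not reported, which keeps the check focused on the appended marker.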

The threat actor is also keeping the FenixLocker Ransomware's Notepad ransom note with just a few cosmetic changes, besides the mandatory address update. While paying the ransom could give users some chance of restoring their work, it's just as likely that the unknown threat actor will take the payment without offering a decryption service. Malware researchers ordinarily recommend backing up work to other devices as a compensatory failsafe.

Putting Out the Spark of Money Under Duress

The 'help24decrypt@cock.li' Ransomware is out in the wild, and its victims are reporting attacks, although malware researchers are unsure about the payment of any ransoms or the associated prices. Besides backing up media for its protection, Windows users can protect themselves against this file-locking Trojan and most others like it with the following precautions:

  • E-mail attachments, including executables with fake names and documents with embedded vulnerabilities, can serve as installers for the 'help24decrypt@cock.li' Ransomware. Scan any files from new sources before opening them, patch your word-processing software, and don't enable high-risk content like macros carelessly.
  • Threat actors also gain backdoor control over non-secure servers and networks by brute-forcing their logins. Appropriate password management and updating website infrastructure will prevent most such attacks from succeeding.

A smaller number of incidents may also employ indiscriminate methods, like torrents or websites compromised with exploit kits that can, in turn, attack any visitors. Anti-malware software helps stop attacks from these and other sources, along with being the recommended means of removing the 'help24decrypt@cock.li' Ransomware.

The 'help24decrypt@cock.li' Ransomware is an unexpected update to a family thought long-since extinguished. It's never too late for a Trojan's resurrection, just like it's never too soon to start updating your backup practices.
