'Help@decryptservice.info' Ransomware

Posted: December 16, 2016

The 'Help@decryptservice.info' Ransomware is a minor update of the BandarChor Ransomware with primarily aesthetic changes, such as new filenames for any encrypted content. Its attacks can still lock your files, possibly permanently, by encrypting them. Keeping backups (to restore any locked content) and using anti-malware products to uninstall the 'Help@decryptservice.info' Ransomware are still the highly recommended responses.

Seeing Old Trojans Back in Style

In the perpetually shifting contest between threat authors and cyber security experts, new threats are often the focus. Trojan developers may make new threats to avoid old security solutions or to extract more profit from an already-proven illegal business model. However, some Trojans owe their success to being overlooked, such as the 'Help@decryptservice.info' Ransomware's ancestor, the BandarChor Ransomware.

Malware experts can track evidence of the BandarChor Ransomware back to mid-2014, making it one of the oldest file-encrypting Trojans overall. Two years later, they're now seeing the 'Help@decryptservice.info' Ransomware, an update that's almost identical to the previous threat. Its file-encrypting function depends on a Command & Control network connection to carry out the encryption attack, which uses an AES or Rijndael-based cipher.

In addition to blocking any local content by encrypting it, which modifies the internal file data to make it incomprehensible to other programs, the 'Help@decryptservice.info' Ransomware also renames each encrypted file, tagging the filename with an identification number and a contact address. Malware experts saw no change in the filename-modifying pattern compared to old BandarChor Ransomware versions, except that the 'Help@decryptservice.info' Ransomware uses a new e-mail address.
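The filename tagging described above gives responders a quick way to scope an incident before restoring from backup. The following Python sketch is an added example, not code from the original article: it walks a directory tree, lists files whose names carry the contact address, and counts them per directory and per identification number. The exact name layout is not given on this page, so the digit-run heuristic and the sample filenames are assumptions constructed for illustration.

```python
import os
import re
from collections import Counter

CONTACT = "help@decryptservice.info"   # address from the article, compared in lower case
ID_RE = re.compile(r"\d{4,}")          # assumption: the ID is a run of 4+ digits

def find_tagged_files(root):
    """Return sorted (path, id_or_None) for files whose name carries the address."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            pos = name.lower().find(CONTACT)
            if pos == -1:
                continue
            # Assumption: the number precedes the address; take the nearest run.
            ids = ID_RE.findall(name[:pos])
            hits.append((os.path.join(dirpath, name), ids[-1] if ids else None))
    return sorted(hits)

def summarize(hits):
    """Count tagged files per directory and per identification number."""
    per_dir = Counter(os.path.dirname(path) for path, _ in hits)
    per_id = Counter(file_id for _, file_id in hits)
    return per_dir, per_id

def build_sample_tree(root):
    """Create empty sample files; the name layout is invented for this demo."""
    names = [
        "docs/report2016.docx.id-1234567890_help@decryptservice.info",
        "docs/budget.xlsx.id-1234567890_Help@decryptservice.info",
        "docs/notes.txt",                      # untouched file
        "pics/photo.jpg.id-1234567890_help@decryptservice.info",
        "pics/help@decryptservice.info.txt",   # address present, no number
    ]
    for rel in names:
        path = os.path.join(root, *rel.split("/"))
        os.makedirs(os.path.dirname(path), exist_ok=True)
        open(path, "w").close()

if __name__ == "__main__":
    import tempfile
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        per_dir, per_id = summarize(find_tagged_files(tmp))
        print(dict(per_dir), dict(per_id))
```

More than one identification number in the summary, or tagged files on a network share, is worth noting before deciding which backups to restore from.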

Sending Elderly Threats to a Nursing Home

As threatening software, the 'Help@decryptservice.info' Ransomware is close to being a 'preserved fossil', with almost no changes from the versions of the same Trojan that malware experts analyzed over 2014 and 2015. It most likely owes its continuing efficacy to the limited distribution of the BandarChor Ransomware, with relatively few verifiable attacks. Commonplace installation exploits for file-encrypting Trojans usually center on e-mail attachments, but malware experts also see periodic 'brute force' compromises that successfully crack overly weak passwords.

Although victims may offer samples to interested cyber security analysts to expedite the possible development of a free decryption tool, there are currently no such programs for any member of the 'Help@decryptservice.info' Ransomware's family. Counteracting this threat efficiently may require restoring from a backup that it can't delete locally, such as a USB device. Malware experts also recommend quarantining or removing the 'Help@decryptservice.info' Ransomware with an appropriate anti-malware product before trying to restore your encrypted files.

The age of the 'Help@decryptservice.info' Ransomware's code stands as evidence that con artists don't necessarily have to switch to drastically different products on a monthly or yearly basis. In many cases, poor security practices from the average PC user can help them continue profiting off of incredibly well-known threat-coding practices.