
InfinityLock Ransomware

Posted: September 18, 2017

Threat Metric

Threat Level: 10/10
Infected PCs: 10
First Seen: September 18, 2017
OS(es) Affected: Windows

The InfinityLock Ransomware is a file-locking Trojan that pretends to be a crack for Adobe-brand software. It tags any locked media with an extension that differs depending on the local hardware, and creates ransom notes both as your desktop's background and in dropped text files. You may mitigate the side effects of an infection by restoring a backup or using free decryption tools, but having anti-malware products delete the InfinityLock Ransomware as soon as possible is always safest for your PC.

A Fake Form of Infinity in a Black Screen

Trojans that supplement their payloads with misleading, intimidating or false information aren't scarce in the Black Hat industry, but the different ways they deliver their lies can help set them apart from each other. Some of the new threats of this summer, such as the InfinityLock Ransomware, are using Command Prompt-based displays for their social engineering tactics. As a result, the crafted payload exploits the average victim's unfamiliarity with text interfaces to make the InfinityLock Ransomware's attacks seem more threatening and comprehensive than they really are.

The InfinityLock Ransomware is an actual file-locking threat and does encrypt files with an AES-based cipher, with a second layer of RSA encryption protecting the key from brute-force decryption attempts. While locking the user's media, such as videos, pictures, or text documents, the InfinityLock Ransomware displays a fake CMD window. The text in the prompt simulates the payload's encryption, with the additional 'enhancement' of making it look as if the InfinityLock Ransomware is using an unbreakable, RSA-2048-based cipher to encode the entire contents of all hard drives. In reality, both the InfinityLock Ransomware's encryption algorithm and its targeted locations are less comprehensive than the presentation implies.

The InfinityLock Ransomware adds pseudo-random extension tags to every file that it locks; the string it uses depends on the infected PC's central processing unit (CPU). The InfinityLock Ransomware also creates a text file that holds information on paying a ransom for the InfinityLock Ransomware's 'official' decryption service, which the Trojan supplements with a second, desktop wallpaper-based alert. Malware experts are finding fees at just under seven hundred USD, and the threat actor's use of Bitcoins, as usual, can prevent any refunds from taking place if the decryptor fails to perform.

Putting an Appropriate Price on an 'Infinite' File-Locker

Presuming that the information a Trojan gives after compromising your PC is accurate is a misconception that often leads to wasted money, further security problems or data loss. Contrary to the unspoken implications of the InfinityLock Ransomware's Command Prompt lines, malware analysts can confirm that any locked files are fully decryptable with appropriate software. Any users without the time to seek help from the security industry in finding a compatible file-decoding program should consider the merits of backing up their work to other devices.

The InfinityLock Ransomware is spreading as a fake crack for Adobe's Premiere Pro software. Both corrupted websites and decentralized file-sharing networks, such as torrents, can promote such fake downloads. Currently, only eleven of over sixty brands of security software can detect this threat before it compromises your computer, and malware experts recommend that you update your anti-malware programs routinely to let them delete the InfinityLock Ransomware with optimal accuracy.

The InfinityLock Ransomware is a double-layered lesson in how appearances can contradict the truth in the average Trojan's attacks. Whether it's arriving as a fake file or implementing attacks with misleading symptoms, believing what random programs tell you is as unsafe as inviting complete strangers into your home.
