
IT Ransomware

Posted: July 9, 2020

The IT Ransomware is a file-locking Trojan that includes attacks for encrypting digital media and locking the user's screen or desktop. Users should always have a backup to protect their files and use standard Windows recovery options for working around user interface-blocking attacks. Always use suitable anti-malware products for uninstalling the IT Ransomware or for blocking infection attempts that arrive by traditional means such as document exploits.

A Program that Clowns Around with What's Yours

The iconic horror novelist, Stephen King, is just as popular with Trojans as his works are in the literary realm. Trojans like the Redrum Ransomware, the Pennywise Ransomware, and the particularly new IT Ransomware all attest to the author's long-enduring legacy, albeit ironically. The IT Ransomware is of interest to malware researchers as a rare confirmation of a variant of the Cobra Locker Ransomware (or Cobra_Locker Ransomware), a file-locking Trojan whose family is considerably smaller than average.

The IT Ransomware, which takes its theme from the movie adaptation depicting a notorious killer clown, leverages this idea in its most highly visible symptom: a screen-locking alert that's a radical revamp of its ancestor's pop-up. This revised version features an image of the Pennywise clown, elements related to the decryption-ransoming process, and English instructions giving an e-mail address for negotiating. The e-mail address isn't different from the previous Cobra Locker Ransomware account and might be a placeholder.

Although its pop-up can block the user's access to UI elements like the Start Menu, it's less relevant to victims than the encryption feature. This encryption routine locks different media types, such as spreadsheets, documents, or pictures, and inserts 'it' extensions after the default ones for identifiability. Since the IT Ransomware's family's encryption is secure, users have no free unlockers available, although they may recover their work from any backups they already have.
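For planning a restore from backup, the following added example (not part of the original article or any vendor tool) walks a directory tree and summarises files that carry the appended 'it' extension. It assumes the marker is a literal `.it` suffix added after the original extension, matched case-insensitively, and uses a constructed sample list of media extensions; the earliest modification time is only a rough indicator of when the encryption started.

```python
import os
import sys
from collections import Counter
from datetime import datetime, timezone
from pathlib import Path

# Assumption: ".it" is appended to the full original name (report.xlsx -> report.xlsx.it).
MARKER = ".it"
# Assumption: a sample of the media types the article mentions (spreadsheets, documents, pictures).
ORIGINAL_TYPES = {".xls", ".xlsx", ".csv", ".doc", ".docx", ".pdf", ".txt",
                  ".jpg", ".jpeg", ".png", ".gif", ".bmp"}


def is_marked(name):
    """True when the last extension is the marker and the one before it is a known media type.

    A lone ".it" extension (for example a tracker music module) is not flagged.
    """
    suffixes = [s.lower() for s in Path(name).suffixes]
    return len(suffixes) >= 2 and suffixes[-1] == MARKER and suffixes[-2] in ORIGINAL_TYPES


def triage(root):
    """Summarise marked files under root for backup-restore planning."""
    per_dir, earliest, originals = Counter(), None, []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            if not is_marked(name):
                continue
            full = Path(dirpath) / name
            try:
                mtime = full.stat().st_mtime
            except OSError:
                continue  # unreadable or removed while scanning
            per_dir[dirpath] += 1
            earliest = mtime if earliest is None else min(earliest, mtime)
            originals.append(str(full.with_suffix("")))  # name to look for in backups
    first = datetime.fromtimestamp(earliest, tz=timezone.utc).isoformat() if earliest is not None else None
    return {"total": len(originals), "per_dir": per_dir,
            "first_seen_utc": first, "original_names": sorted(originals)}


if __name__ == "__main__":
    report = triage(sys.argv[1] if len(sys.argv) > 1 else ".")
    print(f"{report['total']} marked files, earliest modification {report['first_seen_utc']}")
    for directory, count in report["per_dir"].most_common(10):
        print(f"{count:6d}  {directory}")
```

The `original_names` list gives the pre-encryption paths to look up in a backup set or Restore Point.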

Making a Fake Scare Out of Frightening Clowns

Aesthetically and functionally, the IT Ransomware is a callback to old styles of file-locking Trojans that emphasize emotionally-engaging themes and locking users out of their interfaces, like the Jigsaw Ransomware. The screen-locking feature of the IT Ransomware is circumventable by restarting without loading the Trojan, such as by using Safe Mode – which is available in all recent versions of Windows. Unfortunately, users without backups on other devices or intact Restore Points have no viable, free solutions for restoring their media.

The IT Ransomware includes its name in its file details and doesn't use advanced code obfuscation, digital certificates or similar tactics. It could be circulating as a pirated copy of the recent release of the film of the same name, which makes torrents and illicit movie websites the most likely sources of exposure to it. Malware experts recommend avoiding unlawful downloads in general, and all users should also scan new files before opening them and pay attention to details like extensions.

Generally, file-locking Trojans depend on attacking before being detected instead of evading threat detection metrics. This Trojan is no different from the majority, and most dependable anti-malware programs should remove the IT Ransomware before it starts locking files.

A murderous clown popping up on one's monitor is little more than the herald of neglected security practices. As scary as the IT Ransomware might appear, any meeker Trojan with the same payload would do just as much harm to users who aren't backing up their work somewhere secure.
