JesusCrypt Ransomware

Posted: November 13, 2019

The JesusCrypt Ransomware is a file-locking Trojan that can block your media by encrypting it. Such attacks are often not reversible except with private decryption information, and users should have backups stored safely as a failsafe. Conventional anti-malware programs for Windows should, however, delete the JesusCrypt Ransomware as a danger to your computer.

Young Trojans Picking Up Religion

Unidentified threat actors are testing out a newly-made Trojan with the traditional encrypt-and-ransom tactic. The JesusCrypt Ransomware is an independent threat that's not within the circle of influence of more important Ransomware-as-a-Service families like the Crysis Ransomware but offers many of the same dangers to users without backups. While the JesusCrypt Ransomware is using various placeholder elements, other parts of its payload make it evident that it's after money – and plans on endangering files in the process of getting it.

The JesusCrypt Ransomware is a Windows program that uses unknown encryption methods for blocking data. However, it's likely employing AES and RSA, in keeping with families like the STOP Ransomware. The Trojan tags the name of every file it locks in this fashion with an extra 'jc' extension and also creates two ransom notes: a text one and an image-based one. The latter uses an English template that's from older Trojan resources but includes modifications for showing the JesusCrypt Ransomware's name.

Although the wallet address isn't complete yet, the JesusCrypt Ransomware does ask for a specific ransom for the unlocker: two hundred USD in Bitcoins. The use of cryptocurrency remains crucial to the file-locking Trojan industry, due to victims being incapable of getting refunds afterward – without the criminal's consent. As such, the JesusCrypt Ransomware's author could always accept the payment, make no effort for restoring data, and suffer no penalties for it.

Casting Aside Blind Faith in File Safety

Like contemporaneous religion, the JesusCrypt Ransomware expects its audience to take some things on blind faith, although this Trojan does so with extortionist ends instead of ones attending to the spiritual wellbeing of humanity. Malware researchers recommend against paying the fine in its TXT 'READ_IT' file, especially if there are any chances of recovering content through the Shadow Volume Copies or other backups. Saving one's backups to external devices can be a particularly useful solution to file-locking Trojan infections, regardless of their lineage.

Besides such preemptive safeguards, users also can render themselves less at risk from an attack through steps such as:

  • Installing software updates will remove security flaws that leave your PC open to remote code execution or privilege escalation vulnerabilities, among others.
  • Disabling certain browser features such as Java, JavaScript, and Flash can make browsing the Web safer.
  • Using strong passwords will block out casual brute-forcing attacks from gaining control over an account.
  • Settings related to RDP should always be monitored closely lest an attacker use it for threatening purposes.

While 'Jesus saves' is a famous rallying cry among Christians, prayer can't deliver salvation unto encrypted documents or databases. Instead, users should rely on the preexisting tools given by the grace of God and technology – like a simple backup – for beating the JesusCrypt Ransomware to the punch.
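
The indicators named above, the appended 'jc' extension and the 'READ_IT' text note, are enough to inventory the damage and check which files a backup can restore. The following Python script is an added example, not part of the original article; the '.txt' suffix and casing of the note name, the function names, and the sample tree are assumptions constructed for illustration.

```python
import os
import tempfile
from pathlib import Path

LOCKED_SUFFIX = ".jc"   # extension the page says is appended to locked files
NOTE_STEM = "read_it"   # note name from the page; .txt suffix and casing are assumed


def triage(root, backup_root=None):
    """Read-only walk of `root`: locked files, ransom notes, backup coverage."""
    root = Path(root)
    report = {"locked": [], "notes": [], "restorable": [], "no_backup": []}
    for dirpath, _dirs, files in os.walk(root):
        for name in sorted(files):
            path = Path(dirpath) / name
            if path.stem.lower() == NOTE_STEM and path.suffix.lower() == ".txt":
                report["notes"].append(path)
            elif name.lower().endswith(LOCKED_SUFFIX) and len(name) > len(LOCKED_SUFFIX):
                report["locked"].append(path)
                if backup_root is not None:
                    # Pre-attack name = locked name minus the appended '.jc'
                    original = path.relative_to(root).with_name(name[:-len(LOCKED_SUFFIX)])
                    has_copy = (Path(backup_root) / original).is_file()
                    report["restorable" if has_copy else "no_backup"].append(original)
    return report


def build_sample(base):
    """Constructed sample tree (not real victim data): live volume plus a backup."""
    live, backup = Path(base) / "live", Path(base) / "backup"
    for rel in ("docs/report.docx.jc", "docs/READ_IT.txt",
                "db/sales.sqlite.jc", "docs/notes.txt"):
        target = live / rel
        target.parent.mkdir(parents=True, exist_ok=True)
        target.write_bytes(b"constructed sample")
    (backup / "docs").mkdir(parents=True)
    (backup / "docs" / "report.docx").write_bytes(b"clean copy")
    return live, backup


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        live, backup = build_sample(tmp)
        result = triage(live, backup)
        for key, paths in result.items():
            print(f"{key}: {[p.as_posix() for p in paths]}")
```

The script only reads directory listings, so it can be pointed at a mounted copy of the affected volume with backup_root set to the external backup.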