
MMM Reborn V4 Ransomware

Posted: March 27, 2019

The MMM Reborn V4 Ransomware is a variant of the MMM Ransomware, also known as the TripleM Ransomware. As the fourth release in the MMM Reborn Ransomware branch, it uses different text messages and encryption technology, but its purpose is still to block media files and force payments from victims. Users should remove the MMM Reborn V4 Ransomware with appropriate anti-malware tools and then recover their files from backups, if they can.

Trojans Reincarnated for the Fourth Time Over

The line of file-locking Trojans that began with the MMM Ransomware two years ago is continuing with a new model in 2019. The MMM Reborn V4 Ransomware has more significant changes to its payload than most of the file-locking Trojan variants that malware experts see, but its overall strategy retains its consistent approach. The MMM Reborn V4 Ransomware's campaign locks files with encryption, drops messages demanding money, and awaits a costly Bitcoin payment before, supposedly, giving victims the decryption service that recovers their work.

Although the MMM Reborn V4 Ransomware attacks Windows machines and communicates with victims in fluent English, the samples give no evidence of which regions of the world it is infecting. While it encrypts files on the PC to lock them, the MMM Reborn V4 Ransomware may fail to circumvent UAC prompts cleanly, which could cause permission requests to display visibly and alert the user to the attack. Otherwise, there are few symptoms before the MMM Reborn V4 Ransomware finishes encrypting documents, images and other media formats.

This version of the MMM Reborn V4 Ransomware reverts from a Web page-based ransom note to a Notepad TXT one, with text that malware experts consider new to the family. The MMM Reborn V4 Ransomware asks for an incredibly expensive eight Bitcoins (over thirty thousand dollars) for the unlocker, which makes it likely that the threat actor either is ignorant of the conversion rates or is specifically targeting well-financed business and government entities. Like most file-locker Trojans, the MMM Reborn V4 Ransomware and the rest of its family also remove the Shadow Volume Copies during the attack, which makes data repair with Windows features difficult.

Data Rebirth without the Cost Attached

Some versions of the MMM Ransomware are compatible with free decryption solutions, and the threat actors managing the MMM Reborn V4 Ransomware are changing their encryption technique in response. The MMM Reborn V4 Ransomware uses AES encryption protected with RSA-2048 for its file-locking routine, which makes any data recovery without the criminal's key database an unlikely proposition. Users should always keep backups of their work safely saved to other devices so they can recover from infections by the MMM Reborn V4 Ransomware and all similar classes of threats.

Likely distribution methods for the MMM Reborn V4 Ransomware include disguised e-mail attachments (invoices, news articles, or office equipment notifications) and brute-force attacks that break into networks by guessing their login credentials. Defensive password protocols can reduce success rates for the latter, and most anti-malware tools should delete the MMM Reborn V4 Ransomware and related threats in the former cases.

The MMM Reborn V4 Ransomware demonstrates the stubborn revival of this line of Trojans, and it shows that Windows users are not protecting their files only against big-name families like Hidden Tear or the Scarab Ransomware. Small collections of Trojans, with more specific distribution and ransoming plans, could be even more threatening than their sprawling kin.
