Mole03 Ransomware
Posted: July 25, 2017
Threat Metric
| Ranking: | 3,183 |
|---|---|
| Threat Level: | 8/10 |
| Infected PCs: | 41,422 |
| First Seen: | July 25, 2017 |
| Last Seen: | October 15, 2023 |
| OS(es) Affected: | Windows |
The Mole03 Ransomware is an updated member of the CryptMix Ransomware, a family of Trojans that locks your files so that it can ask for money to restore them. Unlike many file-encrypting campaigns, the Mole03 Ransomware's distribution uses compromised websites and fake pop-up notifications to compromise the victim's PC. Maintaining your Web-browsing security, abiding by backup schedules, and using anti-malware protection for removing the Mole03 Ransomware all are valid ways of protecting your computer.
The Trojan Mole is Adding a Fresh Tunnel to Its Burrow
The next version of the EiTest campaign seems to be priming for release into the wild, with malware experts confirming new samples of a MOLE Ransomware update: the Mole03 Ransomware. Although its ransom processing services lag slightly behind the Trojan's payload, this threat continues blocking the victim's media and delivering messages asking for money to recover them. Most changes to its symptoms appear superficial, although there remains the possibility that the Mole03 Ransomware includes meaningful encryption changes that aren't readily apparent.
The Mole03 Ransomware, like most members of the CryptMix Ransomware family, installs itself by exploiting unsafe Web content inserted into hacked domains. Then, it uses this system access to encrypt different, popular formats of media, such as PNG, JPG, PDF, DOC and DOCX. The Mole03 Ransomware changes the extension of these blocked files to '.MOLE03' and encodes the original name with Base64, which makes it resemble a series of semi-random alphanumeric characters.
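For scoping an infection, the renaming described above gives a simple inventory check. The following is an added example, not code from the original page or from any vendor tool: it walks a directory tree, lists files carrying the '.MOLE03' extension per folder, and tries to recover the original name on the assumption that the stem is the Base64 form of that name. The helper names and the sample tree are constructed for illustration.

```python
import base64
import os
import tempfile
from collections import defaultdict

MOLE_EXT = ".mole03"  # extension from the page, compared case-insensitively


def decode_stem(stem):
    """Base64-decode a file stem to text; None if it is not clean Base64/UTF-8."""
    # Assumption: accept the URL-safe alphabet too, and tolerate stripped padding.
    std = stem.replace("-", "+").replace("_", "/")
    std += "=" * (-len(std) % 4)
    try:
        text = base64.b64decode(std, validate=True).decode("utf-8")
    except ValueError:  # covers binascii.Error and UnicodeDecodeError
        return None
    return text if text and text.isprintable() else None


def scan(root):
    """Map each directory under root to [(name on disk, decoded name or None)]."""
    hits = defaultdict(list)
    for dirpath, _dirs, files in os.walk(root):
        for name in sorted(files):
            stem, ext = os.path.splitext(name)
            if ext.lower() == MOLE_EXT:
                hits[dirpath].append((name, decode_stem(stem)))
    return dict(hits)


def build_sample_tree(root):
    """Constructed sample data: two renamed files, one odd stem, one clean file."""
    docs = os.path.join(root, "Documents")
    os.makedirs(docs)
    names = [base64.b64encode(n.encode()).decode() + ".MOLE03"
             for n in ("report.docx", "scan.pdf")]
    for name in names + ["0123456789ABCDEF0.MOLE03", "notes.txt"]:
        open(os.path.join(docs, name), "w").close()
    return docs


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for folder, entries in scan(tmp).items():
            print(f"{folder}: {len(entries)} locked file(s)")
            for on_disk, original in entries:
                print(f"  {on_disk} -> {original or '(stem did not decode)'}")
```

The recovered names only tell you which files to restore from backup; the file contents remain encrypted.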
Malware experts found fewer changes to the Mole03 Ransomware's ransoming message, which sells its file-restoring decryption service. The text file, which the Mole03 Ransomware places in the same folders as any encoded media, provides the victim with a unique ID and two links to its TOR websites. At this time, the threat actors have yet to update the Mole03 Ransomware's domains; any victims who try to pay the ransom receive greetings from a site offering decoding help for the previous versions of the MOLE Ransomware.
Keeping Bad Software Underground
The free decryption options for the Mole03 Ransomware's family are highly limited, and preventing an infection is the best defense malware analysts can recommend, outside of keeping backups of any files that would be at risk of being locked. The Mole03 Ransomware's installers are disguising themselves as fake font update and technical support pop-ups, both of which launch through the user's Web browser after accessing one of a variety of hacked sites. Disabling content such as JavaScript and Flash, and blocking advertising networks with poor security standards, can lower your chances of encountering the Mole03 Ransomware while surfing the Web.
Always back your files up to another device to keep threats like the Mole03 Ransomware from being capable of taking your media hostage. Until a decryption breakthrough occurs, Windows users will need to rely on prevention-based security standards to eliminate data loss that may not be reversible. However, most anti-malware products can delete the Mole03 Ransomware and other members of the wider CryptMix Ransomware family with limited impediments.
Advertising content is a gateway to both the ideals of capitalism and a possible path to a consumer harming him or herself. Trusting a suspicious security alert or a strange Web error as being aboveboard is one way in which PC users compromise their machines and add to the Mole03 Ransomware's profit.