'.obfuscated File Extension' Ransomware

'.obfuscated File Extension' Ransomware Description

The '.obfuscated File Extension' Ransomware is a file-locking Trojan that can encrypt media on your PC, such as documents, for selling the unlocking service later. Users with any other recovery options for their work should ignore the ransoming demands, and traditional backup strategies should protect your files. Update your anti-malware tools for helping their accuracy with removing the '.obfuscated File Extension' Ransomware safely, which has an unusually high evasion rate for its category.

A Little Data Obfuscation for Your Bitcoins

A new file-locking Trojan is starting up attacks against Windows users, with only Mexican victims, for the moment. The '.obfuscated File Extension' Ransomware has little to differentiate its attacks from those of a family like the Globe Ransomware's Ransomware-as-a-Service business or the 'free' Hidden Tear program. However, malware experts do express some concerns over the unusual effectuality of the '.obfuscated File Extension' Ransomware's self-obfuscation from threat-detecting metrics.

There are multiple variants of the '.obfuscated File Extension' Ransomware with questionable differences between their payloads, although all versions should include the file-locking behavior and the generating of ransom notes. The '.obfuscated File Extension' Ransomware's original size, as an executable, ranges from under one megabyte to over two, but the Trojan always is built for 32-bit Windows operating systems. After running, the '.obfuscated File Extension' Ransomware launches an encryption-based attack against the user's local media.

The '.obfuscated File Extension' Ransomware's file-blocking behavior exploits encryption's capability for converting files into temporarily illegible formats, and adds secondary 'obfuscated' tags to their names, after the first extensions. The '.obfuscated File Extension' Ransomware also creates 'Read Me' Notepad files with its ransoming instructions, although the pertinent information boils down to little more than an e-mail address and a recommendation for procuring Bitcoins for the unlocker. Using the cryptocurrency for ransoms, as malware experts often see throughout different file-locking Trojans' families, lets the threat actors keep their anonymity and evade the finance industry's refund policies.

Deobfuscating a Well-Hidden Trojan

The '.obfuscated File Extension' Ransomware's greatest success, arguably, lies in its avoidance of detection by current rulesets and heuristics for identifying threatening software. As a rule, malware experts always recommend updating software for improving its efficiency and closing vulnerabilities regularly. However, in the case of protecting your files from the '.obfuscated File Extension' Ransomware, with less than half of the major AV companies' products detecting two out of three samples, updates may be especially necessary.

While malware experts do note the '.obfuscated File Extension' Ransomware's campaign as being active, any infection methods it uses aren't certain. Previously, file-locking Trojans employed exploit kits running through their victims' browsers, port-scanning and brute-force attacks against network-accessible systems, and spam e-mails. Having safe browsing habits will keep most users out of any significant risk while their anti-malware products, hopefully, will block or remove the '.obfuscated File Extension' Ransomware as appropriate.

The encryption that the '.obfuscated File Extension' Ransomware uses could be decryptable or not, and the users shouldn't bet on the former. When a backup to a spare USB can take care of most of your problems, it would be reckless to hope that new Trojans can't do anything permanent to your work.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to '.obfuscated File Extension' Ransomware may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Posted: January 16, 2019
Home Malware Programs Ransomware '.obfuscated File Extension' Ransomware

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.