Osiris Ransomware
Posted: December 6, 2016
Threat Metric
| Metric | Value |
|---|---|
| Threat Level: | 8/10 |
| Infected PCs: | 21 |
| First Seen: | December 7, 2016 |
| Last Seen: | February 10, 2022 |
| OS(es) Affected: | Windows |
The Osiris Ransomware is a new version of the '.locky File Extension' Ransomware. Its symptoms, including desktop hijackings, Web-based ransom messages, and threatening data-encrypting attacks meant to lock your files, are consistent with other members of this family. Vulnerable PC users can protect their PCs by keeping all anti-malware software updated so that it can remove the Osiris Ransomware accurately, as well as by scrutinizing common infection vectors like e-mails.
More Threats Ferrying Your Files to a Temporary Afterlife
The '.locky File Extension' Ransomware's stint at mythological self-branding has yet to end, although this choice of themes does little to change the consequences of an infection. The pattern that began with threats like the '.aesir File Extension' Ransomware and the '.thor File Extension' Ransomware now continues with the Osiris Ransomware, whose attacks malware experts have confirmed as starting in the first week of December. Other updates to the Osiris Ransomware, unrelated to its theme swap, also appear to target the heuristic detection methods of various brands of security software, facilitating the Osiris Ransomware's undetected installation.
The profitability of the Osiris Ransomware's campaign hinges on locking a victim's files through a data-encrypting attack. The Osiris Ransomware's version of this payload continues using an asymmetrical, AES-RSA combination that presents a difficult-to-surmount task for data recovery. Malware researchers find the Osiris Ransomware using a new extension ('.osiris') for these files, and the Trojan is also notable for replacing the rest of the name with a string of new characters in dash-encased blocks. The new name represents the ID number the victim uses when paying the Osiris Ransomware's administrators in the hope of receiving their decryption help.
The Osiris Ransomware also exhibits several symptoms meant to enable that cash transfer, as follows:
- The Trojan displays a standard image file for the '.locky File Extension' Ransomware family that contains instructions on using anonymous Web-surfing software to access its ransom-payment site. It locks the desktop wallpaper to this image by default.
- You also may find other instructions through a local HTML page that the Osiris Ransomware places in several locations, including the desktop and most directories with any encrypted content.
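The renaming behavior described above can serve as a detection signal. The following is an added example, not code from the original page or from any vendor: it scans a file listing for names made of dash-separated blocks carrying the new extension and flags directories that hold several of them. The on-disk spelling `.osiris`, the block pattern, the threshold and the sample paths are assumptions constructed for illustration.

```python
import re
from collections import Counter
from pathlib import PureWindowsPath

# Assumption: the extension is written ".osiris" on disk (matched case-insensitively).
EXTENSION = ".osiris"
# Assumption: the page gives no block lengths, so the stem is only required to be
# three or more alphanumeric blocks separated by one or more dashes.
STEM_RE = re.compile(r"[0-9A-Za-z]+(?:-+[0-9A-Za-z]+){2,}")


def is_suspect_name(path):
    """True when a Windows path ends in the extension and has a dash-block stem."""
    p = PureWindowsPath(path)
    return p.suffix.lower() == EXTENSION and STEM_RE.fullmatch(p.stem) is not None


def flag_directories(paths, threshold=3):
    """Map each directory to its suspect-file count, keeping counts >= threshold.

    A single oddly named file is weak evidence; several in one directory
    is the bulk-rename pattern the encryption routine leaves behind.
    """
    counts = Counter(
        str(PureWindowsPath(p).parent) for p in paths if is_suspect_name(p)
    )
    return {d: n for d, n in counts.items() if n >= threshold}


# Constructed sample listing (not taken from a real infection).
SAMPLE_LISTING = [
    r"C:\Users\alice\Documents\1A2B3C4D--5E6F--7A8B--9C0D1E2F--3A4B5C6D7E8F.osiris",
    r"C:\Users\alice\Documents\1A2B3C4D--5E6F--7A8B--0F1E2D3C--4B5A69788796.osiris",
    r"C:\Users\alice\Documents\1A2B3C4D--5E6F--7A8B--A1B2C3D4--E5F6A7B8C9D0.OSIRIS",
    r"C:\Users\alice\Documents\budget-2016-q4.xlsx",
    r"C:\Users\alice\Pictures\1A2B3C4D--5E6F--7A8B--11223344--556677889900.osiris",
    r"C:\Users\alice\Pictures\holiday.osiris",
]

if __name__ == "__main__":
    for directory, count in flag_directories(SAMPLE_LISTING).items():
        print(f"{directory}: {count} files match the rename pattern")
```

Feeding the function a periodic listing of user document folders gives an alert that fires on the bulk rename itself rather than on the wallpaper change or ransom note that follow it.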
Resurrecting Your Data from Trojan Tampering
Although the aftereffects of the Osiris Ransomware attacks are obvious, relying on these symptoms to detect infections can leave you suffering long-term damage to your local files. The Osiris Ransomware doesn't attack operating system-essential data but may encipher documents, pictures and other media. Paying the ransom leaves any degree of data recovery wholly dependent on the generosity of the Osiris Ransomware's threat actors.
Thoroughly maintained backup strategies can eliminate the risks of relying on decryption by providing recovery options that the Osiris Ransomware can't sabotage. Malware researchers especially see good results against file-encrypting Trojans with backups stored on removable devices and kept in most cloud storage services. Anti-malware products that are regularly updated for detecting threats of this classification also should be able to remove the Osiris Ransomware during an installation attempt, such as via disguised e-mail attachments.
The Osiris Ransomware's authors chose a somewhat unusual and even educational theme, but this update of an old threat is of interest primarily for its successful evasion of various threat detection methods. Consequently, updating your security software at least as often as threat authors update their Trojans is an action with very clear benefits.