
Pizzacrypts Ransomware

Posted: July 8, 2016

Threat Metric

Threat Level: 10/10
Infected PCs: 14
First Seen: July 8, 2016
OS(es) Affected: Windows


The PizzaCrypts Ransomware encodes your PC's data with an encryption algorithm while also adding changes to individual file names for visibility purposes. Such attacks are intended to acquire funds through ransoms paid in return for a decoder, although doing so is not always a reliable means of data recovery. PC owners facing such attacks should protect their PC's contents with proper backup storage, and anti-malware tools capable of removing the PizzaCrypts Ransomware on sight.

A Slice of Trouble Downloaded for Free

In 2016, exploit kits are taking a back seat in the ransomware industry in comparison to other distribution methods, such as e-mail spam. However, a recent, ransom-based Trojan was confirmed to be using the Neutrino Exploit Kit, a malware-installing threat previously responsible for assisting with campaigns like that of the Panda Banker. The PizzaCrypts Ransomware is the Neutrino Exploit Kit's payload and shows all the hallmarks of a conventional, modern file encryptor using its capabilities for ransom attacks.

Like other exploit kits, the Neutrino Exploit Kit is a Web-based threat, most often embedded into a previously-compromised or dedicated, corrupted website. Individual attacks may promote these sites through spam e-mail links or other forms of social engineering that disguise the URL. Once loaded by a vulnerable browser, the exploit kit scans for a relevant software vulnerability from its database, and, if possible, downloads and installs the PizzaCrypts Ransomware automatically.

The PizzaCrypts Ransomware launches automatically as a concealed, background process that scans for files associated with media and other, 'disposable' formats. In addition to renaming this content with a custom ID number and its personal e-mail contact, the PizzaCrypts Ransomware also sends it through a (currently unconfirmed) encryption algorithm, blocking any further use of the files. Malware experts also saw the PizzaCrypts Ransomware reusing old ransom notes from past threat campaigns, which, as per usual, reroute the victim to an e-mail ransom-haggling format for recovering their information.

Keeping Your Files from Being Topped with the PizzaCrypts Ransomware

The PizzaCrypts Ransomware shows many traits in line with encryptor Trojans and is likely a variant of malware like the HydraCrypt Ransomware or the JuicyLemon Ransomware. Despite that resemblance, the PizzaCrypts Ransomware's pivot in distribution strategy could take many victims by surprise; exploit kits can trigger without visible symptoms, and load effectively into central, 'watering hole' websites that are receiving high traffic.

PCs using out-of-date programs are more vulnerable to these attacks than updated machines. Even exploit kits that include unpatched exploits in their attacks should be stopped automatically by anti-malware tools with browser-monitoring functionality.

Paying a ransom to retrieve any encrypted content is not necessarily a reliable method of recovering from a PizzaCrypts Ransomware attack. At-risk PCs should back up all data to safe resources such as a detachable USB drive. No security organizations have released a free decryptor for this campaign, and decryption is a separate process from uninstalling the PizzaCrypts Ransomware with proper anti-malware products.

As malware experts often find to be the case, the easiest way of keeping the Trojan flavor of the month away from your data is to take the right security steps beforehand.
