
Recuperadados@protonmail.com Ransomware

Posted: December 11, 2016

Threat Metric

Threat Level: 10/10
Infected PCs: 0
First Seen: December 11, 2016
OS(es) Affected: Windows


The 'Recuperadados@protonmail.com' Ransomware is a file-encrypting Trojan that locks your files with a cipher and holds the key to decoding them for a ransom payment. Keeping regularly updated backups of your hard drive in multiple locations is essential to avoiding any need to pay for decryption help. Ideally, the infection never gets that far: most anti-malware programs may block and delete the 'Recuperadados@protonmail.com' Ransomware during its attempt to gain access to your PC in the first place.

A Premium Lock on Your Hard Drive

Although a majority of file-encrypting threats prefer AES-based algorithms at any of several bit-sizes, the Globe Ransomware is a stand-out that continues using Blowfish ciphers to block its victims' data. Now, malware researchers are seeing another potential member of that family: the 'Recuperadados@protonmail.com' Ransomware. This Trojan is most likely targeting Spanish speakers in relevant regions of South America or Europe.

The 'Recuperadados@protonmail.com' Ransomware's use of the Blowfish algorithm changes little about its payload's practical impact and symptoms. Malware researchers recommend looking for the following issues:

  • The 'Recuperadados@protonmail.com' Ransomware scans for files, choosing its targets by their formats (such as DOC or JPG) and, potentially, by their directory locations. It then encodes them to block you from opening them with any associated applications.
  • The files affected by the encryption may have their names modified. Malware researchers can't confirm all filename changes made by this threat, but changes to the extension are highly likely.
  • The 'Recuperadados@protonmail.com' Ransomware also may generate advanced HTML pages for the encrypted folders or your desktop. These pages contain ransom instructions for paying the Trojan's threat actor to decode your files.

Unlike some threats with similar feature sets, the 'Recuperadados@protonmail.com' Ransomware doesn't appear to use a 'lock-screen' style attack that blocks you from opening other programs or using your desktop.
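The symptoms listed above can be turned into a read-only triage sweep. The following is an added example, not code from the original page or from any vendor tool: it assumes the HTML ransom page contains the contact address the threat is named after, and the entropy threshold, minimum sample size and file-header list are this example's own choices.

```python
import math, os, sys
from collections import Counter

# Contact address from the page; assumed (not confirmed there) to appear in the HTML note.
MARKER = b"recuperadados@protonmail.com"
# Headers of common compressed formats that are high-entropy without being encrypted.
KNOWN_MAGIC = (b"\xff\xd8\xff", b"\x89PNG", b"PK\x03\x04", b"%PDF", b"\x1f\x8b")

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (8.0 = indistinguishable from random)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def read_head(path, size=65536):
    try:
        with open(path, "rb") as fh:
            return fh.read(size)
    except OSError:  # locked or unreadable file: skip it, do not abort the sweep
        return b""

def is_note(path):
    """HTML file that mentions the contact address (case-insensitive)."""
    return path.lower().endswith((".html", ".htm")) and MARKER in read_head(path).lower()

def looks_encrypted(path, threshold=7.5):
    """Near-random content with no recognisable header; samples under 2 KiB are too noisy."""
    head = read_head(path)
    return len(head) >= 2048 and not head.startswith(KNOWN_MAGIC) and entropy(head) > threshold

def triage(root):
    """Map each folder holding a matching note to its likely-encrypted files."""
    hits = {}
    for folder, _dirs, files in os.walk(root):
        paths = [os.path.join(folder, f) for f in files]
        if any(is_note(p) for p in paths):
            hits[folder] = sorted(p for p in paths if not is_note(p) and looks_encrypted(p))
    return hits

if __name__ == "__main__":
    for folder, files in triage(sys.argv[1] if len(sys.argv) > 1 else ".").items():
        print(f"[note found] {folder}: {len(files)} candidate encrypted file(s)")
        for f in files:
            print("   ", f)
```

The output is a list of candidates to compare against backups, not proof of encryption: other compressed or encrypted formats outside the header list will also score high.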

Free File Recovery Versus Expensive Trojans

Although the 'Recuperadados@protonmail.com' Ransomware's threat actors profit from pressuring victims into paying for a chance at getting their content decrypted, paying isn't necessarily a sure means of recovering the damaged files. Malware experts see far better rates of success with restoring encrypted content from unaffected backups, especially ones saved to uninfected locations, such as peripheral devices. General decryption tools available for free on the Web also may be able to decode the 'Recuperadados@protonmail.com' Ransomware's payload.

The 'Recuperadados@protonmail.com' Ransomware may be disseminating itself through spam e-mails, bundling with other software, or fake downloads, such as pirated game installers or cracks. Scanning incoming downloads with anti-malware products before opening them can delete the 'Recuperadados@protonmail.com' Ransomware and deny it a chance to attack your files. Although malware analysts always encourage preventative security strategies, payloads like the 'Recuperadados@protonmail.com' Ransomware's display the potentially irreversible nature of a Trojan's attacks.

The 'Recuperadados@protonmail.com' Ransomware's family is not yet fully verifiable as being related to the Globe Ransomware. Whether or not this file-encoding Trojan is a direct relative of previous ones, it shows that con artists aren't interested in slowing the pace at which they create new problems for the average PC user.
