Revon Ransomware
The Revon Ransomware is a file-locking Trojan that's part of the Phobos Ransomware family, a notable spin-off of the Crysis Ransomware. Like most other members, it takes files on your computer hostage by encrypting documents, pictures and other media. Users should have backups for protecting their work from this often-irreversible attack and use anti-malware products for deleting the Revon Ransomware.
A Little Fear for Any Files without Spares
The fear-themed Ransomware-as-a-Service, Phobos Ransomware, remains a valid competitor against similarly-active threats in 2020, such as the STOP Ransomware and the Globe Ransomware families. A new version, the Revon Ransomware, carries forward the well-known attacks of its ancestors: first and foremost, automatic data encryption. The Revon Ransomware brings little that's new to the table, but its business model, so far, doesn't require any drastic upgrades either.
The Revon Ransomware isn't the only version of the group that's out in the wild this year. It is accompanied by relatives like the Eight Ransomware, February's Dewar Ransomware, or January's Devos Ransomware and Dever Ransomware. Like them, the Revon Ransomware targets Windows environments and uses an AES encryption routine for blocking content that includes most commonly-used media formats, such as Word DOCs or JPG pictures. Users can identify the affected files through the appended extensions, which include the Revon Ransomware's name, an e-mail, and an ID string.
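The appended markers described above can be used to scope which files need restoring from backup. The following Python script is an added example, not part of the original article: it assumes the ID string and e-mail appear as dot-prefixed bracket tokens before a final `.revon` extension, and the function names, ID and address are constructed for illustration.

```python
import os
import re
from collections import defaultdict

# Assumption: the family name is the final extension, matched case-insensitively.
FAMILY_EXT = ".revon"
# Assumption: the ID string and the e-mail each sit in a dot-prefixed bracket token.
ID_RE = re.compile(r"\.id\[([A-Za-z0-9-]+)\]", re.IGNORECASE)
EMAIL_RE = re.compile(r"\.\[([^\[\]\s@]+@[^\[\]\s@]+\.[^\[\]\s@]+)\]")


def parse_locked_name(name):
    """Return the original name, ID and e-mail if `name` carries all three markers."""
    if not name.lower().endswith(FAMILY_EXT):
        return None
    stem = name[: -len(FAMILY_EXT)]
    id_match = ID_RE.search(stem)
    email_match = EMAIL_RE.search(stem)
    if not id_match or not email_match:
        return None  # the family extension alone is too weak to attribute a file
    # Everything before the first appended marker is the original file name.
    cut = min(id_match.start(), email_match.start())
    if cut == 0:
        return None  # nothing left that could be an original name
    return {"original": stem[:cut], "id": id_match.group(1),
            "email": email_match.group(1)}


def scan_tree(root):
    """Group locked files under `root` by (ID, e-mail) to scope a restore."""
    hits = defaultdict(list)
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            info = parse_locked_name(name)
            if info:
                hits[(info["id"], info["email"])].append(
                    os.path.join(dirpath, info["original"]))
    return {key: sorted(paths) for key, paths in hits.items()}


if __name__ == "__main__":
    # Constructed sample names; the ID and the address are placeholders.
    for sample in ("report.docx.id[1A2B3C4D-0001].[contact@example.test].revon",
                   "photo.jpg.[contact@example.test].id[1A2B3C4D-0001].REVON",
                   "notes.revon", "budget.xlsx"):
        print(sample, "->", parse_locked_name(sample))
```

The paths returned by `scan_tree` are the original file names, so they can be compared directly against a backup inventory.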
Once it finishes encrypting files, the Revon Ransomware creates a Notepad TXT file and an HTA pop-up with details on the ransom demand. While victims may take the risk of paying Bitcoins, they also should remain alert to the high potential for not getting a decryptor out of doing so. Malware experts also emphasize that this family's encryption method is secure and can recommend few options, besides an unencrypted backup, for a definitive recovery.
Slowing Down the Rate of the Revon Ransomware's Gains
Although the Phobos Ransomware family uses the Greek word for 'fear' as its brand, infection vectors for its many variants are relatively flexible. Malware experts are catching versions of the Revon Ransomware using names such as 'Fast.exeXX,' which may serve the double purpose of confusing the file's format and marketing it as some form of system-optimization software. Downloads may occur through torrents, compromised websites or e-mail attachments.
Threat actors also may drop the Revon Ransomware after gaining more direct control over the PC, such as by brute-forcing login credentials. Safe browsing habits, appropriate choices in passwords, and conservative settings like disabling macros and JavaScript will prevent most attacks from delivering the Trojan. Backups on other devices are commendable, regardless, due to the high level of activity from other file-locking Trojans besides the Revon Ransomware and the rest of Phobos Ransomware's family.
Only Windows users are at risk from this Trojan currently. They may use trusted anti-malware products for detecting this Trojan heuristically or, in extreme cases, removing the Revon Ransomware.
Still, there isn't any fast or easy solution to the encryption and file-blocking issues that the Revon Ransomware creates so readily. There's always something worth fearing, presuming that you're a computer user who isn't updating your backups.