SecretSystem Ransomware

Posted: May 19, 2017

Threat Metric

Threat Level: 10/10
Infected PCs: 1
First Seen: May 19, 2017
OS(es) Affected: Windows

The SecretSystem Ransomware is a Trojan that disguises its attempts to encrypt your files as Windows updates. Although this threat tries to ransom your media by offering a premium decryption key, malware experts recommend using the free recovery solutions currently available. Updated anti-malware applications also have high detection rates for the SecretSystem Ransomware and can remove it on sight as a threat to your PC.

Please Wait for Trojans to Finish Attacking Your Computer

Globe Ransomware or Hidden Tear and uses AES-based ciphers to modify and block just over thirty types of files. The content under attack includes JPG, XLS, ZIP, MP3, and DOC, as some examples. However, malware experts also noticed an additional element in the SecretSystem Ransomware's payload that's more unusual than its encryption: a borderless pop-up that the Trojan uses for hiding its file-scanning and encoding routine.

This window displays an imitation of the Windows update screen, although with slightly different phrasing and no percentage counter. Victims who obey the request to wait and refrain from rebooting will find that, once the fake update screen vanishes, most of their media is encoded and unreadable.
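To inventory which files were encoded after the fake update screen has gone, a read-only triage pass can compare each file's leading bytes with the signature its extension implies. The following is an added example, not part of the original article: the signature table covers only the five file types named above, and the function names and the 7.0 bits-per-byte entropy threshold are assumptions of this sketch.

```python
import math
import os
from collections import Counter

# Common leading signatures for the five file types the article names.
MAGIC = {
    ".jpg": [b"\xff\xd8\xff"],
    ".zip": [b"PK\x03\x04", b"PK\x05\x06"],
    ".doc": [b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"],  # OLE2 compound file
    ".xls": [b"\xd0\xcf\x11\xe0\xa1\xb1\x1a\xe1"],
    ".mp3": [b"ID3", b"\xff\xfb", b"\xff\xfa", b"\xff\xf3", b"\xff\xf2"],
}

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (8.0 looks like random data)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())

def classify(name: str, head: bytes, threshold: float = 7.0) -> str:
    """Return 'intact', 'likely-encrypted', 'suspect' or 'unknown-type'."""
    sigs = MAGIC.get(os.path.splitext(name)[1].lower())
    if sigs is None:
        return "unknown-type"
    if any(head.startswith(s) for s in sigs):
        return "intact"
    # Wrong header plus near-random bytes is what AES output looks like.
    # Very small files cannot reach the threshold and fall back to 'suspect'.
    return "likely-encrypted" if entropy(head) >= threshold else "suspect"

def triage(root: str, sample: int = 4096) -> dict:
    """Walk root without modifying anything; map file path -> verdict."""
    results = {}
    for folder, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(folder, name)
            try:
                with open(path, "rb") as fh:
                    verdict = classify(name, fh.read(sample))
            except OSError:
                verdict = "unreadable"
            if verdict != "unknown-type":
                results[path] = verdict
    return results
```

Running `triage()` against a copy or a read-only mount of the affected drive keeps the original data untouched for any later decryption attempt.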

The Open Secret to Beating Trojan-Based Ransom Collectors

The disguise the SecretSystem Ransomware uses for keeping users from disrupting its attack isn't new (similar techniques are also in use with the Comrade Circle Ransomware, for example), but it does represent a relatively rare self-defensive strategy for Trojans of its category. This attempt to hide an attack behind a highly visible pop-up is a high-stakes gamble that could give con artists all the time they need to encrypt everything of value on your hard drive. However, any Windows users familiar with standard update formatting may also identify the SecretSystem Ransomware's pop-up as a fraud.

When recovering from attacks that involve encryption-based data loss, victims should research all free solutions before paying a Trojan's threat actor for a decryption key or program. Because the SecretSystem Ransomware doesn't use RSA algorithms or other means of protecting the files it locks, most users should be able to retrieve any content with the free decryption offered by various security organizations. As always, malware experts also encourage protecting your PC with any of various anti-malware solutions that can delete the SecretSystem Ransomware after exposure through infection strategies like spam e-mails.

Con artists have every reason not to be honest with the people they're taking advantage of for profit. Just because a window says it's from Windows doesn't necessarily mean it's not from a would-be extortionist like the SecretSystem Ransomware.