Home Malware Programs Ransomware '.securityP File Extension' Ransomware

'.securityP File Extension' Ransomware

Posted: March 26, 2019

The '.securityP File Extension' Ransomware is a new version of the Paradise Ransomware, the file-locking Trojan that encrypts media files with RSA algorithms. Besides blocking files and holding them for ransom, the '.securityP File Extension' Ransomware may cause other symptoms, such as, most visibly, the hijacking of your desktop's background. Users always should possess backups for maximizing their data restoration capabilities, as well as anti-malware software for removing the '.securityP File Extension' Ransomware.

A Crook's Concept of Paradise Comes to Asia

One small-but-credible family of file-locker Trojans that malware analysts looked at in 2017 isn't dead, yet. The Paradise Ransomware, while not nearly as competitive, numerically, as similar Trojans like the Scarab Ransomware, is getting new campaigns more frequently than previously. The '.securityP File Extension' Ransomware, arriving not that long after its fellow variant of the 'babyfromparadise666@gmail.com' Ransomware, is campaigning in South Korea. The length of its encryption routine may be the best hope that the users have of interrupting it before it finishes taking all of their files hostage.

The '.securityP File Extension' Ransomware secures the files that it attacks with two RSA keys, instead of a simpler combination such as AES or XOR and RSA. While this method does extend the duration of the file-locking function, it also is effective at keeping users from cracking it and restoring their files without paying. The '.securityP File Extension' Ransomware drops a text file with its ransoming demands, which, up front, come to no more than recommending that victims contact one of two e-mails. The use of a security-related theme could imply the threat actors' attempting to portray themselves as being parts of a legitimate PC security company, however, which could increase their ransoming success.

Some of the other issues that are worth confirming in a possible '.securityP File Extension' Ransomware infection include:

  • The '.securityP File Extension' Ransomware may replace your Windows wallpaper with an encryption warning message.
  • The '.securityP File Extension' Ransomware may access your network-shared drives, instead of just local ones, for any file-locking purposes.
  • The '.securityP File Extension' Ransomware can make significant alterations to the names of your files, including, not just the different extension, but also, e-mail addresses and semi-random character strings.

Computer Security without Paying a Ransom for It

The '.securityP File Extension' Ransomware is a Windows-based threat, just like its relatives of the 'babyfromparadise666@gmail.com' Ransomware and the Yourencrypter@protonmail[.]ch Ransomware. While its installation exploits are only active within South Korea verifiably, the '.securityP File Extension' Ransomware's payload should be able for encrypting files in other countries, without any discrimination. Regrettably, malware experts are considering the production of any free decryption services for the '.securityP File Extension' Ransomware infections as being unlikely.

However, users can protect themselves and their files beforehand. Back up your work to other devices that the '.securityP File Extension' Ransomware can't access, disable threatening features (such as Word's macros or your browser's JavaScript) and scan any downloads that are unsafe potentially, such as e-mail attachments. Anti-malware products can, nearly universally, find and remove file-locking Trojans on sight and should delete the '.securityP File Extension' Ransomware without problems.

For now, the '.securityP File Extension' Ransomware is Asia's problem, but the Paradise Ransomware's reach is larger than that. When a family so small keeps active, figuring out how it will strike next isn't always easy, even for the PC security industry's professionals.

Loading...