SeginChile Ransomware
Posted: May 20, 2016
| Threat Level: | 10/10 |
|---|---|
| Infected PCs: | 21 |
| First Seen: | May 20, 2016 |
| Last Seen: | January 21, 2022 |
| OS(es) Affected: | Windows |
The SeginChile Ransomware is a threatening file encryptor that blocks access to your data by modifying it with an AES-based encryption algorithm. Unlike most threats of its kind, the SeginChile Ransomware does not ask for payment in exchange for decrypting this content. However, its recommended solution may include other security hazards, and malware experts continue to advise victims to delete the SeginChile Ransomware and use other methods of recovering any damaged files.
When a Perfectly 'Good' Ransomware Comes without a Ransom
While they're well known for suffering through periodic banking Trojan campaigns, South American residents also have to protect themselves from other kinds of attacks. The SeginChile Ransomware's campaign, a Chile-based one delivered with accompanying Spanish-language instructions, is perhaps the strangest of such attacks to date. While it includes almost all of the functions that one would expect of a traditional file encryption attack, malware experts confirmed a distinct omission: the lack of any ransom demands.
The SeginChile Ransomware's code is based on the eda2 open-source threat, which was created by the same entity responsible for Hidden Tear. While its distribution methods remain unconfirmed, past threats using the same code have been delivered through illicit software downloads and spam attachments. Once it infects a PC, the SeginChile Ransomware runs through its payload, whose functions include encrypting certain file types (DOC, HTML, JPG, PPT, and XML, for example) with an AES-256 algorithm and adding a '.the SeginChile' extension to their names.
By far, this threat's most unusual feature is its instructional messages, which it places on your PC in HTML, TXT and desktop wallpaper formats. Although the SeginChile Ransomware does ask victims to undergo a Web-based procedure for procuring a key and decrypting their content, it makes no attempt to sell these services for money, which is the standard operating procedure for threatening file encryptors. The process launches through an automated Web application that leaves little room for con artists to insert manual ransom demands later.
Safely Dealing with the World's Cheapest File Encryptor
At first glance, the SeginChile Ransomware may seem like an entirely harmless Trojan whose attacks can be remedied just by following the instructions it provides. However, since the automated process does require file downloads, malware experts caution that this attack could be a particularly convoluted attempt to install other threats. It also remains possible that the SeginChile Ransomware is a 'proof of concept' Trojan, with the ransom only meant for insertion at a later date.
The SeginChile Ransomware also shows some indications of using its instructions to falsely identify itself as being endorsed by entities in the Chilean security sector. As ever, attacks that automatically encrypt content on your computer can never be assumed to originate from a government branch or other legally backed authority. Ignoring all recommendations and instructions from the SeginChile Ransomware, and using backups to keep your files safe, are the two most important steps in responding to this threat.
Proper security protocols recommend deleting the SeginChile Ransomware, along with any other threat, with dedicated anti-malware applications before you implement any form of data retrieval. However, for Chilean residents, the most sensible course of action will most likely continue to be avoiding unsafe downloads and scanning e-mail attachments that aren't immediately recognizable as being safe.