Sequre Ransomware

Posted: April 30, 2018

The Sequre Ransomware is a file-locking Trojan that prevents documents, pictures and other files from opening by encrypting them. Its features also include generating ransom notes in advanced HTML files, overwriting filenames, and using internal methods of avoiding detection by some security solutions. Keep backups of your data to preserve it against this threat's attacks, and use anti-malware programs to uninstall the Sequre Ransomware and avoid any future damage.

Trojans Keeping It All on the Inside

Malware researchers are noting one of the first attempts at combining the functions of a Trojan dropper, or a Trojan that 'drops' another program onto the infected PC, with those of a data-encrypting (and ransoming) threat. Although the methods in use by the Sequre Ransomware are known and in use by other threatening software, such as man-in-the-browser spyware, they are uncommon among file-locking Trojans in general. The extra effort its author put into its code could help the Sequre Ransomware avoid some of the means of threat detection currently in use by the anti-malware industry at large.

Like the Globe Ransomware (whose ransom note it imitates), the Sequre Ransomware locks documents, pictures, and other media on Windows PCs by encrypting them with AES via a process that it hides from the user. The Sequre Ransomware completely overwrites the names of these files, inserting a bracketed hex code and an e-mail address for its ransoming negotiations. After completing its attack, the Sequre Ransomware creates a pop-up application in HTA that delivers the ransoming message, which asks for slightly over one thousand USD in Bitcoins for a decryption solution.
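
The renaming behavior described above gives defenders a simple filename heuristic. The following is an added example, not code from any vendor or from the Trojan's analysis: it flags directories where many file names carry both a bracketed hex token and an e-mail address. The exact layout of the renamed files is not given here, so the minimum hex length, the thresholds and the sample paths are assumptions.

```python
import re
from collections import defaultdict
from pathlib import PureWindowsPath

# Assumption: the bracketed hex code has at least 4 hex digits (length not documented).
BRACKETED_HEX = re.compile(r"\[[0-9A-Fa-f]{4,}\]")
EMAIL = re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(?:\.[A-Za-z0-9-]+)+")


def looks_renamed(filename):
    """True when a name carries BOTH a bracketed hex token and an e-mail address."""
    return bool(BRACKETED_HEX.search(filename)) and bool(EMAIL.search(filename))


def flag_directories(paths, min_hits=3, min_ratio=0.5):
    """Return {directory: (hits, total)} for directories where renamed-looking
    files are frequent enough to suggest a mass rename, not one odd file."""
    stats = defaultdict(lambda: [0, 0])  # directory -> [hits, total]
    for raw in paths:
        p = PureWindowsPath(raw)
        entry = stats[str(p.parent)]
        entry[1] += 1
        if looks_renamed(p.name):
            entry[0] += 1
    return {d: (h, t) for d, (h, t) in stats.items()
            if h >= min_hits and h / t >= min_ratio}


# Constructed file listing for illustration (not taken from a real incident).
SAMPLE = [
    r"C:\Users\amy\Documents\[3FA91C0D].contact@example.invalid",
    r"C:\Users\amy\Documents\[77B20E41].contact@example.invalid",
    r"C:\Users\amy\Documents\[0C5D9A12].contact@example.invalid",
    r"C:\Users\amy\Documents\readme.txt",
    r"C:\Users\amy\Pictures\IMG_[2018].jpg",        # bracket, but no e-mail
    r"C:\Users\amy\Pictures\holiday.png",
    r"C:\Users\amy\Downloads\[ABCD12].bob@example.org.eml",  # single hit only
    r"C:\Users\amy\Downloads\setup.exe",
    r"C:\Users\amy\Downloads\notes for bob@example.org.txt",  # e-mail, no bracket
]

if __name__ == "__main__":
    for directory, (hits, total) in flag_directories(SAMPLE).items():
        print(f"{directory}: {hits}/{total} names match the rename pattern")
```

A hit from this heuristic means the encryption has already happened in that directory, so it is a triage and scoping aid rather than a preventive control.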

The Sequre Ransomware's landmark feature is its intentional absence of a direct encryption function. Instead, the Trojan runs a second, encrypted program in the PC's memory without writing it to disk. This extra application handles all of the file-locking behavior without exposing itself to many of the threat-detecting metrics in use by the anti-malware industry.

Securing Your Files against a Sequre Ransomware Attack

The same techniques that the Sequre Ransomware uses for protecting its encryption capabilities are traditional to advanced forms of banking Trojans and other spyware but are rarer for file-locking threats. Because this threat is particularly well-obfuscated against casual detection attempts, malware experts recommend updating your anti-malware programs' threat databases to counteract any infection vectors that the Sequre Ransomware may use. E-mail attachments, document macros, torrents, and exploit kits are all possible infiltration routes that its campaign could use.

The samples of the Sequre Ransomware include some clearly apparent 'test' features but, in other respects, are functioning as intended and ready for deployment against live targets. Windows users should always back their files up to another device to preserve media against file-locking and deleting attempts like those of the Sequre Ransomware infections. Suitably up-to-date and comprehensive anti-malware programs should still stop and remove the Sequre Ransomware on sight.

If the Sequre Ransomware's feature becomes the latest trend in its underground industry, the average PC user's files may be in more danger than ever before. When Trojans increase their sophistication, it's up to a potential victim to keep the attack from happening as much as possible.